Line: 84 Column: 17 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly

              		pager_columns = sz.ws_col;
	if (!pager)
		pager = getenv("PAGER");
	if (!(pager || access("/usr/bin/pager", X_OK)))
		pager = "/usr/bin/pager";
	if (!(pager || access("/usr/bin/less", X_OK)))
		pager = "/usr/bin/less";
	if (!pager)
		pager = "cat";

            

Line: 86 Column: 17 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly

              		pager = getenv("PAGER");
	if (!(pager || access("/usr/bin/pager", X_OK)))
		pager = "/usr/bin/pager";
	if (!(pager || access("/usr/bin/less", X_OK)))
		pager = "/usr/bin/less";
	if (!pager)
		pager = "cat";
	if (!*pager || !strcmp(pager, "cat"))
		return;

            

Line: 73 Column: 22 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

              
void setup_pager(void)
{
	const char *pager = getenv(subcmd_config.pager_env);
	struct winsize sz;

	if (forced_pager)
		pager = forced_pager;
	if (!isatty(1) && !forced_pager)

            

Line: 83 Column: 11 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

              	if (ioctl(1, TIOCGWINSZ, &sz) == 0)
		pager_columns = sz.ws_col;
	if (!pager)
		pager = getenv("PAGER");
	if (!(pager || access("/usr/bin/pager", X_OK)))
		pager = "/usr/bin/pager";
	if (!(pager || access("/usr/bin/less", X_OK)))
		pager = "/usr/bin/less";
	if (!pager)

            

Line: 124 Column: 6 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

              {
	char *s;

	s = getenv("COLUMNS");
	if (s)
		return atoi(s);

	return (pager_columns ? pager_columns : 80) - 2;
}

            

Line: 126 Column: 10 CWE codes: 190
Suggestion: If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)

              
	s = getenv("COLUMNS");
	if (s)
		return atoi(s);

	return (pager_columns ? pager_columns : 80) - 2;
}

            

Line: 702 Column: 14 CWE codes: 120 20
Suggestion: Check implementation on installation, or limit the size of all string inputs

              	int proto_count = 0;
	int c;

	while ((c = getopt(argc, argv,
				"46bc:CeEFhIl:LnNp:PrRS:t:uv:V:x")) != -1) {
		switch (c) {
		case '4':
			do_ipv6 = 0;
			break;

            

Line: 277 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
static void print_pktinfo(int family, int ifindex, void *saddr, void *daddr)
{
	char sa[INET6_ADDRSTRLEN], da[INET6_ADDRSTRLEN];

	fprintf(stderr, "         pktinfo: ifindex=%u src=%s dst=%s\n",
		ifindex,
		saddr ? inet_ntop(family, saddr, sa, sizeof(sa)) : "unknown",
		daddr ? inet_ntop(family, daddr, da, sizeof(da)) : "unknown");

            

Line: 364 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
static int recv_errmsg(int fd)
{
	static char ctrl[1024 /* overprovision*/];
	static struct msghdr msg;
	struct iovec entry;
	static char *data;
	int ret = 0;


            

Line: 482 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
static void do_test(int family, unsigned int report_opt)
{
	char control[CMSG_SPACE(sizeof(uint32_t))];
	struct sockaddr_ll laddr;
	unsigned int sock_opt;
	struct cmsghdr *cmsg;
	struct msghdr msg;
	struct iovec iov;

            

Line: 642 Column: 4 CWE codes: 676
Suggestion: Use nanosleep(2) or setitimer(2) instead

              
		/* wait for all errors to be queued, else ACKs arrive OOO */
		if (cfg_sleep_usec)
			usleep(cfg_sleep_usec);

		if (!cfg_busy_poll) {
			if (cfg_use_epoll)
				__epoll(epfd);
			else

            

Line: 662 Column: 2 CWE codes: 676
Suggestion: Use nanosleep(2) or setitimer(2) instead

              		error(1, errno, "close");

	free(buf);
	usleep(100 * NSEC_PER_USEC);
}

static void __attribute__((noreturn)) usage(const char *filepath)
{
	fprintf(stderr, "\nUsage: %s [options] hostname\n"

            

Line: 75 Column: 17 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available

              	stackid_hmap_fd = bpf_map__fd(skel->maps.stackid_hmap);
	stackmap_fd = bpf_map__fd(skel->maps.stackmap);

	if (CHECK_FAIL(system("dd if=/dev/urandom of=/dev/zero count=4 2> /dev/null")))
		goto cleanup;
	if (CHECK_FAIL(system("taskset 0x1 ./urandom_read 100000")))
		goto cleanup;
	/* disable stack trace collection */
	key = 0;

            

Line: 77 Column: 17 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available

              
	if (CHECK_FAIL(system("dd if=/dev/urandom of=/dev/zero count=4 2> /dev/null")))
		goto cleanup;
	if (CHECK_FAIL(system("taskset 0x1 ./urandom_read 100000")))
		goto cleanup;
	/* disable stack trace collection */
	key = 0;
	val = 1;
	bpf_map_update_elem(control_map_fd, &key, &val, 0);

            

Line: 11 Column: 6 CWE codes: 362

              	FILE *f;
	__u32 duration = 0;

	f = fopen("/proc/sys/kernel/perf_event_max_sample_rate", "r");
	if (f == NULL)
		return sample_freq;
	CHECK(fscanf(f, "%llu", &sample_freq) != 1, "Get max sample rate",
		  "return default value: 5000,err %d\n", -errno);
	fclose(f);

            

Line: 31 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              		.config = PERF_COUNT_HW_CPU_CYCLES,
	};
	__u32 key, previous_key, val, duration = 0;
	char buf[256];
	int i, j;
	struct bpf_stack_build_id id_offs[PERF_MAX_STACK_DEPTH];
	int build_id_matches = 0;
	int retry = 1;


            

Line: 109 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              		goto cleanup;

	do {
		char build_id[64];

		err = bpf_map_lookup_elem(stackmap_fd, &key, id_offs);
		if (CHECK(err, "lookup_elem from stackmap",
			  "err %d, errno %d\n", err, errno))
			goto cleanup;

            

Line: 119 Column: 6 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              			if (id_offs[i].status == BPF_STACK_BUILD_ID_VALID &&
			    id_offs[i].offset != 0) {
				for (j = 0; j < 20; ++j)
					sprintf(build_id + 2 * j, "%02x",
						id_offs[i].build_id[j] & 0xff);
				if (strstr(buf, build_id) != NULL)
					build_id_matches = 1;
			}
		previous_key = key;

            

Line: 112 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	bi->num_aggr = ch->num_aggr;
	bi->total_cycles = total_cycles;

	memcpy(bi->cycles_spark, ch->cycles_spark,
	       NUM_SPARKS * sizeof(u64));
}

int block_info__process_sym(struct hist_entry *he, struct block_hist *bh,
			    u64 *block_cycles_aggr, u64 total_cycles)

            

Line: 244 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
	struct block_fmt *block_fmt = container_of(fmt, struct block_fmt, fmt);
	struct block_info *bi = he->block_info;
	char cycles_buf[16];

	cycles_string(bi->cycles_aggr, cycles_buf, sizeof(cycles_buf));

	return scnprintf(hpp->buf, hpp->size, "%*s", block_fmt->width,
			 cycles_buf);

            

Line: 274 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
	struct block_fmt *block_fmt = container_of(fmt, struct block_fmt, fmt);
	struct block_info *bi = he->block_info;
	char cycles_buf[16];

	cycles_string(bi->cycles_aggr / bi->num_aggr, cycles_buf,
		      sizeof(cycles_buf));

	return scnprintf(hpp->buf, hpp->size, "%*s", block_fmt->width,

            

Line: 288 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
	struct block_fmt *block_fmt = container_of(fmt, struct block_fmt, fmt);
	struct block_info *bi = he->block_info;
	char buf[128];
	char *start_line, *end_line;

	symbol_conf.disable_add2line_warn = true;

	start_line = map__srcline(he->ms.map, bi->sym->start + bi->start,

            

Line: 299 Column: 44 CWE codes: 126

              	end_line = map__srcline(he->ms.map, bi->sym->start + bi->end,
				he->ms.sym);

	if ((strncmp(start_line, SRCLINE_UNKNOWN, strlen(SRCLINE_UNKNOWN)) != 0) &&
	    (strncmp(end_line, SRCLINE_UNKNOWN, strlen(SRCLINE_UNKNOWN)) != 0)) {
		scnprintf(buf, sizeof(buf), "[%s -> %s]",
			  start_line, end_line);
	} else {
		scnprintf(buf, sizeof(buf), "[%7lx -> %7lx]",

            

Line: 300 Column: 42 CWE codes: 126

              				he->ms.sym);

	if ((strncmp(start_line, SRCLINE_UNKNOWN, strlen(SRCLINE_UNKNOWN)) != 0) &&
	    (strncmp(end_line, SRCLINE_UNKNOWN, strlen(SRCLINE_UNKNOWN)) != 0)) {
		scnprintf(buf, sizeof(buf), "[%s -> %s]",
			  start_line, end_line);
	} else {
		scnprintf(buf, sizeof(buf), "[%7lx -> %7lx]",
			  bi->start, bi->end);

            

Line: 263 Column: 4 CWE codes: 120
Suggestion: Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)

              			}
			queue_path[0] = '/';
			queue_path[1] = 0;
			strcat(queue_path, argv[1]);
		}
	}

	if (getuid() != 0)
		ksft_exit_skip("Not running as root, but almost all tests "

            

Line: 273 Column: 13 CWE codes: 362

              			"Exiting.\n");

	/* Find out what files there are for us to make tweaks in */
	def_msgs = fopen(DEF_MSGS, "r+");
	def_msgsize = fopen(DEF_MSGSIZE, "r+");
	max_msgs = fopen(MAX_MSGS, "r+");
	max_msgsize = fopen(MAX_MSGSIZE, "r+");

	if (!max_msgs)

            

Line: 274 Column: 16 CWE codes: 362

              
	/* Find out what files there are for us to make tweaks in */
	def_msgs = fopen(DEF_MSGS, "r+");
	def_msgsize = fopen(DEF_MSGSIZE, "r+");
	max_msgs = fopen(MAX_MSGS, "r+");
	max_msgsize = fopen(MAX_MSGSIZE, "r+");

	if (!max_msgs)
		shutdown(2, "Failed to open msg_max", __LINE__);

            

Line: 275 Column: 13 CWE codes: 362

              	/* Find out what files there are for us to make tweaks in */
	def_msgs = fopen(DEF_MSGS, "r+");
	def_msgsize = fopen(DEF_MSGSIZE, "r+");
	max_msgs = fopen(MAX_MSGS, "r+");
	max_msgsize = fopen(MAX_MSGSIZE, "r+");

	if (!max_msgs)
		shutdown(2, "Failed to open msg_max", __LINE__);
	if (!max_msgsize)

            

Line: 276 Column: 16 CWE codes: 362

              	def_msgs = fopen(DEF_MSGS, "r+");
	def_msgsize = fopen(DEF_MSGSIZE, "r+");
	max_msgs = fopen(MAX_MSGS, "r+");
	max_msgsize = fopen(MAX_MSGSIZE, "r+");

	if (!max_msgs)
		shutdown(2, "Failed to open msg_max", __LINE__);
	if (!max_msgsize)
		shutdown(2, "Failed to open msgsize_max", __LINE__);

            

Line: 256 Column: 24 CWE codes: 126

              		if (*argv[1] == '/')
			queue_path = strdup(argv[1]);
		else {
			queue_path = malloc(strlen(argv[1]) + 2);
			if (!queue_path) {
				perror("malloc()");
				exit(1);
			}
			queue_path[0] = '/';

            

Line: 1725 Column: 2 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)

              	card_ctx = card->private_data;
	card_ctx->dev = &pdev->dev;
	card_ctx->card = card;
	strcpy(card->driver, INTEL_HAD);
	strcpy(card->shortname, "Intel HDMI/DP LPE Audio");
	strcpy(card->longname, "Intel HDMI/DP LPE Audio");

	card_ctx->irq = -1;


            

Line: 1476 Column: 2 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              	struct snd_intelhad *intelhaddata = snd_kcontrol_chip(kcontrol);

	mutex_lock(&intelhaddata->mutex);
	memcpy(ucontrol->value.bytes.data, intelhaddata->eld,
	       HDMI_MAX_ELD_BYTES);
	mutex_unlock(&intelhaddata->mutex);
	return 0;
}


            

Line: 1620 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              static int had_create_jack(struct snd_intelhad *ctx,
			   struct snd_pcm *pcm)
{
	char hdmi_str[32];
	int err;

	snprintf(hdmi_str, sizeof(hdmi_str),
		 "HDMI/DP,pcm=%d", pcm->device);


            

Line: 1726 Column: 2 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)

              	card_ctx->dev = &pdev->dev;
	card_ctx->card = card;
	strcpy(card->driver, INTEL_HAD);
	strcpy(card->shortname, "Intel HDMI/DP LPE Audio");
	strcpy(card->longname, "Intel HDMI/DP LPE Audio");

	card_ctx->irq = -1;

	card->private_free = hdmi_lpe_audio_free;

            

Line: 1727 Column: 2 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)

              	card_ctx->card = card;
	strcpy(card->driver, INTEL_HAD);
	strcpy(card->shortname, "Intel HDMI/DP LPE Audio");
	strcpy(card->longname, "Intel HDMI/DP LPE Audio");

	card_ctx->irq = -1;

	card->private_free = hdmi_lpe_audio_free;


            

Line: 1792 Column: 39 CWE codes: 126

              		/* setup private data which can be retrieved when required */
		pcm->private_data = ctx;
		pcm->info_flags = 0;
		strscpy(pcm->name, card->shortname, strlen(card->shortname));
		/* setup the ops for playback */
		snd_pcm_set_ops(pcm, SNDRV_PCM_STREAM_PLAYBACK, &had_pcm_ops);

		/* allocate dma pages;
		 * try to allocate 600k buffer as default which is large enough

            

Line: 38 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	int i, n;
	int choice;
	char *cmd;
	char pbuf[256], tidbuf[32], cpubuf[32];
	const char *perf = perf_exe(pbuf, sizeof pbuf);
	char trange[128], tsample[64];
	struct res_sample *r;
	char extra_format[256];


            

Line: 40 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	char *cmd;
	char pbuf[256], tidbuf[32], cpubuf[32];
	const char *perf = perf_exe(pbuf, sizeof pbuf);
	char trange[128], tsample[64];
	struct res_sample *r;
	char extra_format[256];

	names = calloc(num_res, sizeof(char *));
	if (!names)

            

Line: 42 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	const char *perf = perf_exe(pbuf, sizeof pbuf);
	char trange[128], tsample[64];
	struct res_sample *r;
	char extra_format[256];

	names = calloc(num_res, sizeof(char *));
	if (!names)
		return -1;
	for (i = 0; i < num_res; i++) {

            

Line: 48 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	if (!names)
		return -1;
	for (i = 0; i < num_res; i++) {
		char tbuf[64];

		timestamp__scnprintf_nsec(res_samples[i].time, tbuf, sizeof tbuf);
		if (asprintf(&names[i], "%s: CPU %d tid %d", tbuf,
			     res_samples[i].cpu, res_samples[i].tid) < 0) {
			while (--i >= 0)

            

Line: 82 Column: 23 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              		     input_name ? input_name : "",
		     trange,
		     r->cpu >= 0 ? "--cpu " : "",
		     r->cpu >= 0 ? (sprintf(cpubuf, "%d", r->cpu), cpubuf) : "",
		     r->tid ? "--tid " : "",
		     r->tid ? (sprintf(tidbuf, "%d", r->tid), tidbuf) : "",
		     extra_format,
		     rstype == A_ASM ? "-F +insn --xed" :
		     rstype == A_SOURCE ? "-F +srcline,+srccode" : "",

            

Line: 84 Column: 18 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

              		     r->cpu >= 0 ? "--cpu " : "",
		     r->cpu >= 0 ? (sprintf(cpubuf, "%d", r->cpu), cpubuf) : "",
		     r->tid ? "--tid " : "",
		     r->tid ? (sprintf(tidbuf, "%d", r->tid), tidbuf) : "",
		     extra_format,
		     rstype == A_ASM ? "-F +insn --xed" :
		     rstype == A_SOURCE ? "-F +srcline,+srccode" : "",
		     symbol_conf.inline_name ? "--inline" : "",
		     "--show-lost-events ",

            

Line: 997 Column: 2 CWE codes: 134
Suggestion: Make format string constant

              	pcm->private_free = snd_usx2y_pcm_private_free;
	pcm->info_flags = 0;

	sprintf(pcm->name, NAME_ALLCAPS" Audio #%d", usx2y(card)->pcm_devs);

	if (playback_endpoint) {
		snd_pcm_set_managed_buffer(pcm->streams[SNDRV_PCM_STREAM_PLAYBACK].substream,
					   SNDRV_DMA_TYPE_CONTINUOUS,
					   NULL,

            

Line: 85 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              		if ((hwptr_done + len) > runtime->buffer_size) {
			cnt = runtime->buffer_size - hwptr_done;
			blen = cnt * usx2y->stride;
			memcpy(runtime->dma_area + hwptr_done * usx2y->stride, cp, blen);
			memcpy(runtime->dma_area, cp + blen, len * usx2y->stride - blen);
		} else {
			memcpy(runtime->dma_area + hwptr_done * usx2y->stride, cp,
			       len * usx2y->stride);
		}

            

Line: 86 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              			cnt = runtime->buffer_size - hwptr_done;
			blen = cnt * usx2y->stride;
			memcpy(runtime->dma_area + hwptr_done * usx2y->stride, cp, blen);
			memcpy(runtime->dma_area, cp + blen, len * usx2y->stride - blen);
		} else {
			memcpy(runtime->dma_area + hwptr_done * usx2y->stride, cp,
			       len * usx2y->stride);
		}
		lens += len;

            

Line: 88 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              			memcpy(runtime->dma_area + hwptr_done * usx2y->stride, cp, blen);
			memcpy(runtime->dma_area, cp + blen, len * usx2y->stride - blen);
		} else {
			memcpy(runtime->dma_area + hwptr_done * usx2y->stride, cp,
			       len * usx2y->stride);
		}
		lens += len;
		hwptr_done += len;
		if (hwptr_done >= runtime->buffer_size)

            

Line: 148 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              			 */
			len = runtime->buffer_size - subs->hwptr;
			urb->transfer_buffer = subs->tmpbuf;
			memcpy(subs->tmpbuf, runtime->dma_area +
			       subs->hwptr * usx2y->stride, len * usx2y->stride);
			memcpy(subs->tmpbuf + len * usx2y->stride,
			       runtime->dma_area, (count - len) * usx2y->stride);
			subs->hwptr += count;
			subs->hwptr -= runtime->buffer_size;

            

Line: 150 Column: 4 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              			urb->transfer_buffer = subs->tmpbuf;
			memcpy(subs->tmpbuf, runtime->dma_area +
			       subs->hwptr * usx2y->stride, len * usx2y->stride);
			memcpy(subs->tmpbuf + len * usx2y->stride,
			       runtime->dma_area, (count - len) * usx2y->stride);
			subs->hwptr += count;
			subs->hwptr -= runtime->buffer_size;
		} else {
			/* set the buffer pointer */

            

Line: 91 Column: 8 CWE codes: 362 20
Suggestion: Reconsider approach

              	if (ret < 0 || ret >= 4096)
		return -1;

	ret = readlink(procfd, buf, buflen);
	if (ret < 0 || (size_t)ret >= buflen)
		return -1;

	buf[ret] = '\0';


            

Line: 85 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              static int resolve_procfd_symlink(int fd, char *buf, size_t buflen)
{
	int ret;
	char procfd[4096];

	ret = snprintf(procfd, 4096, "/proc/self/fd/%d", fd);
	if (ret < 0 || ret >= 4096)
		return -1;


            

Line: 105 Column: 11 CWE codes: 362

              	int ret;
	int master = -1, slave = -1, fret = -1;

	master = open(ptmx, O_RDWR | O_NOCTTY | O_CLOEXEC);
	if (master < 0) {
		fprintf(stderr, "Failed to open \"%s\": %s\n", ptmx,
			strerror(errno));
		return -1;
	}

            

Line: 143 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              		goto do_cleanup;

	if (pid == 0) {
		char buf[4096];

		ret = login_pty(slave);
		if (ret < 0) {
			fprintf(stderr, "Failed to setup terminal\n");
			_exit(EXIT_FAILURE);

            

Line: 258 Column: 16 CWE codes: 377

              	char mntpoint_fd;
	char ptmx[] = P_tmpdir "/devpts_ptmx_XXXXXX";

	mntpoint_fd = mkstemp(ptmx);
	if (mntpoint_fd < 0) {
		fprintf(stderr, "Failed to create temporary directory: %s\n",
				 strerror(errno));
		return -1;
	}

            

Line: 159 Column: 8 CWE codes: 126

              		}

		if (strncmp(expected_procfd_contents, buf,
			    strlen(expected_procfd_contents)) != 0) {
			fprintf(stderr, "Received invalid contents for "
					"\"/proc/<pid>/fd/%d\" symlink: %s\n",
					STDIN_FILENO, buf);
			_exit(-1);
		}

            

Line: 244 Column: 8 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available

              	printf("\nNormal ping RTT data\n");
	printf("[Ignore final RTT; it is distorted by XDP using the reply]\n");

	ret = system(cmd);

	if (!ret)
		ret = get_stats(map_fd, count, raddr);

	cleanup(0);

            

Line: 107 Column: 16 CWE codes: 120 20
Suggestion: Check implementation on installation, or limit the size of all string inputs

              	int server = 0;
	char cmd[256];

	while ((opt = getopt(argc, argv, optstr)) != -1) {
		switch (opt) {
		case 'c':
			count = atoi(optarg);
			if (count < 1 || count > XDPING_MAX_COUNT) {
				fprintf(stderr,

            

Line: 39 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              static int get_stats(int fd, __u16 count, __u32 raddr)
{
	struct pinginfo pinginfo = { 0 };
	char inaddrbuf[INET_ADDRSTRLEN];
	struct in_addr inaddr;
	__u16 i;

	inaddr.s_addr = raddr;


            

Line: 101 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	struct bpf_object *obj;
	struct bpf_map *map;
	char *ifname = NULL;
	char filename[256];
	int opt, ret = 1;
	__u32 raddr = 0;
	int server = 0;
	char cmd[256];


            

Line: 105 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              	int opt, ret = 1;
	__u32 raddr = 0;
	int server = 0;
	char cmd[256];

	while ((opt = getopt(argc, argv, optstr)) != -1) {
		switch (opt) {
		case 'c':
			count = atoi(optarg);

            

Line: 110 Column: 12 CWE codes: 190
Suggestion: If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)

              	while ((opt = getopt(argc, argv, optstr)) != -1) {
		switch (opt) {
		case 'c':
			count = atoi(optarg);
			if (count < 1 || count > XDPING_MAX_COUNT) {
				fprintf(stderr,
					"min count is 1, max count is %d\n",
					XDPING_MAX_COUNT);
				return 1;