The following issues were found
tools/perf/tests/mmap-thread-lookup.c
2 issues
Line: 72
Column: 3
CWE codes:
676
Suggestion:
Use nanosleep(2) or setitimer(2) instead
while (!go_away) {
/* Waiting for main thread to kill us. */
usleep(100);
}
munmap(td->map, page_size);
return NULL;
}
Reported by FlawFinder.
Line: 90
Column: 17
CWE codes:
120
20
err = pthread_create(&td->pt, NULL, thread_fn, td);
if (!err) {
/* Wait for thread initialization. */
ssize_t ret = read(td->ready[0], &go, sizeof(int));
err = ret != sizeof(int);
}
close(td->ready[0]);
close(td->ready[1]);
Reported by FlawFinder.
tools/perf/tests/mmap-basic.c
2 issues
Line: 46
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned int nr_events[nsyscalls],
expected_nr_events[nsyscalls], i, j;
struct evsel *evsels[nsyscalls], *evsel;
char sbuf[STRERR_BUFSIZE];
struct mmap *md;
threads = thread_map__new(-1, getpid(), UINT_MAX);
if (threads == NULL) {
pr_debug("thread_map__new\n");
Reported by FlawFinder.
Line: 79
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
perf_evlist__set_maps(&evlist->core, cpus, threads);
for (i = 0; i < nsyscalls; ++i) {
char name[64];
snprintf(name, sizeof(name), "sys_enter_%s", syscall_names[i]);
evsels[i] = evsel__newtp("syscalls", name);
if (IS_ERR(evsels[i])) {
pr_debug("evsel__new(%s)\n", name);
Reported by FlawFinder.
tools/lib/lockdep/preload.c
2 issues
Line: 35
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct lock_class_key key;
struct rb_node node;
#define LIBLOCKDEP_MAX_LOCK_NAME 22
char name[LIBLOCKDEP_MAX_LOCK_NAME];
};
/* This is where we store our locks */
static struct rb_root locks = RB_ROOT;
static pthread_rwlock_t locks_rwlock = PTHREAD_RWLOCK_INITIALIZER;
Reported by FlawFinder.
Line: 199
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
*
* TODO: Get the real name of the lock using libdwarf
*/
sprintf(l->name, "%p", lock);
lockdep_init_map(&l->dep_map, l->name, &l->key, 0);
ll_pthread_rwlock_wrlock(&locks_rwlock);
/* This might have changed since the last time we fetched it */
node = __get_lock_node(lock, &parent);
Reported by FlawFinder.
tools/bpf/bpftool/main.h
2 issues
Line: 70
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
extern const char * const prog_type_name[];
extern const size_t prog_type_name_size;
extern const char * const attach_type_name[__MAX_BPF_ATTACH_TYPE];
extern const char * const map_type_name[];
extern const size_t map_type_name_size;
/* keep in sync with the definition in skeleton/pid_iter.bpf.c */
Reported by FlawFinder.
Line: 128
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct obj_ref {
int pid;
char comm[16];
};
struct obj_refs {
struct hlist_node node;
__u32 id;
Reported by FlawFinder.
tools/perf/arch/arm64/util/header.c
2 issues
Line: 29
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
cpus = perf_cpu_map__get(cpus);
for (cpu = 0; cpu < perf_cpu_map__nr(cpus); cpu++) {
char path[PATH_MAX];
FILE *file;
scnprintf(path, PATH_MAX, "%s/devices/system/cpu/cpu%d"MIDR,
sysfs, cpus->map[cpu]);
Reported by FlawFinder.
Line: 35
Column: 10
CWE codes:
362
scnprintf(path, PATH_MAX, "%s/devices/system/cpu/cpu%d"MIDR,
sysfs, cpus->map[cpu]);
file = fopen(path, "r");
if (!file) {
pr_debug("fopen failed for file %s\n", path);
continue;
}
Reported by FlawFinder.
tools/testing/selftests/bpf/xdpxceiver.h
2 issues
Line: 126
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct ifobject {
char ifname[MAX_INTERFACE_NAME_CHARS];
char nsname[MAX_INTERFACES_NAMESPACE_CHARS];
struct xsk_socket_info *xsk;
struct xsk_socket_info **xsk_arr;
struct xsk_umem_info **umem_arr;
struct xsk_umem_info *umem;
Reported by FlawFinder.
Line: 127
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ifobject {
char ifname[MAX_INTERFACE_NAME_CHARS];
char nsname[MAX_INTERFACES_NAMESPACE_CHARS];
struct xsk_socket_info *xsk;
struct xsk_socket_info **xsk_arr;
struct xsk_umem_info **umem_arr;
struct xsk_umem_info *umem;
void *(*func_ptr)(void *arg);
Reported by FlawFinder.
tools/perf/pmu-events/json.c
2 issues
Line: 50
Column: 11
CWE codes:
362
struct stat st;
char *map = NULL;
int err;
int fd = open(fn, O_RDONLY);
if (fd < 0 && verbose > 0 && fn) {
pr_err("Error opening events file '%s': %s\n", fn,
strerror(errno));
}
Reported by FlawFinder.
Line: 161
Column: 16
CWE codes:
126
int json_streq(char *map, jsmntok_t *t, const char *s)
{
unsigned len = json_len(t);
return len == strlen(s) && !strncasecmp(map + t->start, s, len);
}
Reported by FlawFinder.
tools/objtool/builtin-check.c
2 issues
Line: 57
Column: 8
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
char *env;
int envc;
env = getenv("OBJTOOL_ARGS");
if (env) {
envv[0] = "OBJTOOL_ARGS";
for (envc = 1; envc < ARRAY_SIZE(envv); ) {
envv[envc++] = env;
env = strchr(env, ' ');
Reported by FlawFinder.
Line: 53
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int cmd_parse_options(int argc, const char **argv, const char * const usage[])
{
const char *envv[16] = { };
char *env;
int envc;
env = getenv("OBJTOOL_ARGS");
if (env) {
Reported by FlawFinder.
tools/perf/util/intel-pt-decoder/intel-pt-pkt-decoder.c
2 issues
Line: 24
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#define le32_to_cpu bswap_32
#define le64_to_cpu bswap_64
#define memcpy_le64(d, s, n) do { \
memcpy((d), (s), (n)); \
*(d) = le64_to_cpu(*(d)); \
} while (0)
#else
#define le16_to_cpu
#define le32_to_cpu
Reported by FlawFinder.
Line: 31
Column: 21
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#define le16_to_cpu
#define le32_to_cpu
#define le64_to_cpu
#define memcpy_le64 memcpy
#endif
static const char * const packet_name[] = {
[INTEL_PT_BAD] = "Bad Packet!",
[INTEL_PT_PAD] = "PAD",
Reported by FlawFinder.
tools/testing/selftests/bpf/prog_tests/sockmap_ktls.c
2 issues
Line: 97
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void run_tests(int family, enum bpf_map_type map_type)
{
char test_name[MAX_TEST_NAME];
int map;
map = bpf_create_map(map_type, sizeof(int), sizeof(int), 1, 0);
if (CHECK_FAIL(map < 0)) {
perror("bpf_map_create");
Reported by FlawFinder.
Line: 73
Column: 53
CWE codes:
126
goto close_cli;
}
err = setsockopt(cli, IPPROTO_TCP, TCP_ULP, "tls", strlen("tls"));
if (CHECK_FAIL(err)) {
perror("setsockopt(TCP_ULP)");
goto close_cli;
}
Reported by FlawFinder.