
Code Security Report: 22 high severity findings, 31 total findings [develop] #3

@mend-for-github-com

Description


Code Security Report

Scan Metadata

Latest Scan: 2025-01-15 05:19pm
Total Findings: 31 | New Findings: 0 | Resolved Findings: 0
Tested Project Files: 349
Detected Programming Languages: 2 (Python*, C/C++ (Beta))


Most Relevant Findings

The list below presents the 10 most relevant findings that need your attention. To view information on the remaining findings, navigate to the Mend Application.

Severity: High
Vulnerability Type: Out of Buffer Bounds Write
CWE: CWE-787
File: libmtd.c:64
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/oslib/libmtd.c

Lines 59 to 64 in e4fcf01

memcpy(n, path, len1);
if (n[len1 - 1] != '/')
	n[len1++] = '/';
memcpy(n + len1, name, len2 + 1);

1 Data Flow/s detected

memcpy(n + len1, name, len2 + 1);

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Out of Buffer Bounds Write Training

● Videos

   ▪ Secure Code Warrior Out of Buffer Bounds Write Video

 
Severity: High
Vulnerability Type: Out of Buffer Bounds Write
CWE: CWE-787
File: parse.c:336
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/parse.c

Lines 331 to 336 in e4fcf01

double dval;
if (str[0] == '(') {
	rc = evaluate_arithmetic_expression(str, &ival, &dval, 1.0, is_time);
	if (!rc) {
		*val = dval;

1 Data Flow/s detected

fio/parse.c

Line 336 in e4fcf01

*val = dval;

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Out of Buffer Bounds Write Training

● Videos

   ▪ Secure Code Warrior Out of Buffer Bounds Write Video

 
Severity: High
Vulnerability Type: Double Free
CWE: CWE-415
File: gclient.c:597
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/gclient.c

Lines 592 to 597 in e4fcf01

c2 = num2str(o->max_bs[DDIR_READ], o->sig_figs, 1, i2p, N2S_BYTE);
c3 = num2str(o->min_bs[DDIR_WRITE], o->sig_figs, 1, i2p, N2S_BYTE);
c4 = num2str(o->max_bs[DDIR_WRITE], o->sig_figs, 1, i2p, N2S_BYTE);
sprintf(tmp, "%s-%s,%s-%s", c1, c2, c3, c4);
free(c1);

1 Data Flow/s detected

fio/gclient.c

Line 597 in e4fcf01

free(c1);

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Double Free Training

● Videos

   ▪ Secure Code Warrior Double Free Video

 
Severity: High
Vulnerability Type: Use After Free
CWE: CWE-416
File: eta.c:621
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/eta.c

Lines 616 to 621 in e4fcf01

/* rate limits, if any */
if (je->m_rate[0] || je->m_rate[1] || je->m_rate[2] ||
    je->t_rate[0] || je->t_rate[1] || je->t_rate[2]) {
	char *tr, *mr;
	mr = num2str(je->m_rate[0] + je->m_rate[1] + je->m_rate[2],

1 Data Flow/s detected

fio/eta.c

Line 621 in e4fcf01

mr = num2str(je->m_rate[0] + je->m_rate[1] + je->m_rate[2],

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Use After Free Training

● Videos

   ▪ Secure Code Warrior Use After Free Video

 
Severity: High
Vulnerability Type: Path/Directory Traversal
CWE: CWE-22
File: verify-state.c:105
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/t/verify-state.c

Lines 100 to 105 in e4fcf01

{
	struct stat sb;
	void *buf;
	int ret, fd;
	fd = open(file, O_RDONLY);

1 Data Flow/s detected

ret = show_file(argv[i]);

static int show_file(const char *file)

fd = open(file, O_RDONLY);

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Path/Directory Traversal Training

● Videos

   ▪ Secure Code Warrior Path/Directory Traversal Video

● Further Reading

   ▪ OWASP Path Traversal

   ▪ OWASP Input Validation Cheat Sheet

 
Severity: High
Vulnerability Type: Path/Directory Traversal
CWE: CWE-22
File: dedupe.c:432
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/t/dedupe.c

Lines 427 to 432 in e4fcf01

flags |= OS_O_DIRECT;
memset(&file, 0, sizeof(file));
file.file_name = strdup(filename);
file.fd = open(filename, flags);

1 Data Flow/s detected

fio/t/dedupe.c

Line 582 in e4fcf01

ret = dedupe_check(argv[optind], &nextents, &nchunks);

fio/t/dedupe.c

Line 419 in e4fcf01

uint64_t *nchunks)

fio/t/dedupe.c

Line 432 in e4fcf01

file.fd = open(filename, flags);

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Path/Directory Traversal Training

● Videos

   ▪ Secure Code Warrior Path/Directory Traversal Video

● Further Reading

   ▪ OWASP Path Traversal

   ▪ OWASP Input Validation Cheat Sheet

 
Severity: High
Vulnerability Type: Path/Directory Traversal
CWE: CWE-22
File: io_uring.c:547
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/t/io_uring.c

Lines 542 to 547 in e4fcf01

if (s->nr_files == MAX_FDS) {
	printf("Max number of files (%d) reached\n", MAX_FDS);
	break;
}
fd = open(argv[i], flags);

1 Data Flow/s detected

fd = open(argv[i], flags);

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Path/Directory Traversal Training

● Videos

   ▪ Secure Code Warrior Path/Directory Traversal Video

● Further Reading

   ▪ OWASP Path Traversal

   ▪ OWASP Input Validation Cheat Sheet

 
Severity: High
Vulnerability Type: Out of Buffer Bounds Write
CWE: CWE-787
File: parse.c:1209
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/parse.c

Lines 1204 to 1209 in e4fcf01

p = malloc(sizeof(unsigned int) * (s2_len + 1));
q = malloc(sizeof(unsigned int) * (s2_len + 1));
p[0] = 0;
for (i = 1; i <= s2_len; i++)
	p[i] = p[i - 1] + 1;

1 Data Flow/s detected

fio/parse.c

Line 1209 in e4fcf01

p[i] = p[i - 1] + 1;

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Out of Buffer Bounds Write Training

● Videos

   ▪ Secure Code Warrior Out of Buffer Bounds Write Video

 
Severity: High
Vulnerability Type: Out of Buffer Bounds Write
CWE: CWE-787
File: gclient.c:1255
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/gclient.c

Lines 1250 to 1255 in e4fcf01

label = new_info_label_in_frame(box, "Minimum");
label_set_int_value(label, min[0]);
label = new_info_label_in_frame(box, "Maximum");
label_set_int_value(label, max[0]);
label = new_info_label_in_frame(box, "Percentage of jobs");
sprintf(tmp, "%3.2f%%", p_of_agg);

1 Data Flow/s detected

fio/gclient.c

Line 1255 in e4fcf01

sprintf(tmp, "%3.2f%%", p_of_agg);

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Out of Buffer Bounds Write Training

● Videos

   ▪ Secure Code Warrior Out of Buffer Bounds Write Video

 
Severity: High
Vulnerability Type: Use After Free
CWE: CWE-416
File: gclient.c:597
Data Flows: 1
Detected: 2025-01-15 05:24pm

Vulnerable Code

fio/gclient.c

Lines 592 to 597 in e4fcf01

c2 = num2str(o->max_bs[DDIR_READ], o->sig_figs, 1, i2p, N2S_BYTE);
c3 = num2str(o->min_bs[DDIR_WRITE], o->sig_figs, 1, i2p, N2S_BYTE);
c4 = num2str(o->max_bs[DDIR_WRITE], o->sig_figs, 1, i2p, N2S_BYTE);
sprintf(tmp, "%s-%s,%s-%s", c1, c2, c3, c4);
free(c1);

1 Data Flow/s detected

fio/gclient.c

Line 597 in e4fcf01

free(c1);

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Use After Free Training

● Videos

   ▪ Secure Code Warrior Use After Free Video

Findings Overview

Severity Vulnerability Type CWE Language Count
High Integer Overflow CWE-190 C/C++ (Beta) 1
High Buffer Overflow CWE-121 C/C++ (Beta) 6
High Out of Buffer Bounds Write CWE-787 C/C++ (Beta) 6
High Use After Free CWE-416 C/C++ (Beta) 2
High Double Free CWE-415 C/C++ (Beta) 2
High Path/Directory Traversal CWE-22 C/C++ (Beta) 5
Medium Integer Underflow CWE-191 C/C++ (Beta) 1
Medium Out of Buffer Bounds Read CWE-125 C/C++ (Beta) 3
Medium Heap Inspection CWE-244 C/C++ (Beta) 2
Medium Time of Check Time of Use CWE-367 C/C++ (Beta) 1
Low Uncontrolled Memory Allocation CWE-789 C/C++ (Beta) 2
