Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/clp-1.17.5+repack1/Clp/examples/defaults.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/ekk.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/minimum.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/testGub.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/decompose.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/sprint.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/makeDual.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/iis.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/dualCuts.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/rowColumn.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/pdco.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/testBarrier.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/decomp2.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/decomp3.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/driver.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/driverC.c
Examining data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/sprint2.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/addRows.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/hello.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/addBits.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/driver2.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/driver3.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/testQP.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/piece.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/modify.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/network.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/addColumns.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/ekk_interface.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/myPdco.cpp
Examining data/clp-1.17.5+repack1/Clp/examples/myPdco.hpp
Examining data/clp-1.17.5+repack1/Clp/examples/testBasis.cpp
Examining data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp
Examining data/clp-1.17.5+repack1/Clp/test/osiUnitTest.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpGubMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplex.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcWarmStart.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcDualRowPivot.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyUfl.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpQuadraticObjective.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcCommon.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcFactorization1.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcDualRowDantzig.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPredictorCorrector.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyDense.hpp
Examining data/clp-1.17.5+repack1/Clp/src/Idiot.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplexParallel.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpObjective.hpp
Examining data/clp-1.17.5+repack1/Clp/src/config_default.h
Examining data/clp-1.17.5+repack1/Clp/src/IdiSolve.cpp
Examining data/clp-1.17.5+repack1/Clp/src/Clp_ampl.h
Examining data/clp-1.17.5+repack1/Clp/src/ClpPredictorCorrector.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcFactorization3.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPrimalColumnSteepest.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPrimalColumnSteepest.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPdcoBase.hpp
Examining data/clp-1.17.5+repack1/Clp/src/unitTest.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexPrimal.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPdcoBase.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpConstraintQuadratic.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcFactorization5.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpInterior.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPackedMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplexPrimal.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpConstraintQuadratic.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDualRowDantzig.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcOrderedFactorization1.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpMatrixBase.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcOrderedFactorization3.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcPrimalColumnPivot.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpMain.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcSmallFactorization2.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpEventHandler.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDummyMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcSmallFactorization4.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcOrderedFactorization5.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcCommonFactorization.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyTaucs.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpLsqr.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNetworkBasis.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNode.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyBase.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcPrimalColumnPivot.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpGubDynamicMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexNonlinear.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpHelperFunctions.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcPrimalColumnDantzig.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNonLinearCost.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEDualRowDantzig.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpGubDynamicMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyPardiso.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcNonLinearCost.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpHelperFunctions.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpConstraintLinear.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization2.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplexFactorization.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization4.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPlusMinusOneMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyWssmp.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplex.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEDualRowDantzig.cpp
Examining data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.hpp
Examining data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpMessage.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpConstraint.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpConstraint.cpp
Examining data/clp-1.17.5+repack1/Clp/src/Idiot.cpp
Examining data/clp-1.17.5+repack1/Clp/src/MyEventHandler.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpMessage.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcPrimalColumnSteepest.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcPrimalColumnSteepest.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDualRowSteepest.cpp
Examining data/clp-1.17.5+repack1/Clp/src/MyEventHandler.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyWssmpKKT.hpp
Examining data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.h
Examining data/clp-1.17.5+repack1/Clp/src/ClpDualRowSteepest.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcDualRowSteepest.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEPrimalColumnDantzig.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpGubMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpParameters.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcFactorization.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcDenseFactorization.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpModel.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyMumps.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcDualRowDantzig.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcFactorization2.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcDenseFactorization.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcFactorization4.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcOrderedFactorization2.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPrimalColumnDantzig.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPrimalColumnPivot.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcOrderedFactorization4.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexPrimal.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPresolve.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDualRowPivot.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpInterior.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplexPrimal.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDualRowDantzig.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEPrimalColumnSteepest.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpMatrixBase.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpLinearObjective.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization1.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization3.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpFactorization.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization5.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNetworkMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEDualRowSteepest.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNetworkBasis.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyBase.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNonLinearCost.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpConstraintLinear.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDynamicExampleMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcHelperFunctions.cpp
Examining data/clp-1.17.5+repack1/Clp/src/MyMessageHandler.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplexFactorization.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcNonLinearCost.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPlusMinusOneMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcDualRowPivot.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPrimalQuadraticDantzig.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpQuadraticObjective.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyMumps.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpConfig.h
Examining data/clp-1.17.5+repack1/Clp/src/ClpObjective.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPackedMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEPrimalColumnDantzig.hpp
Examining data/clp-1.17.5+repack1/Clp/src/config_clp_default.h
Examining data/clp-1.17.5+repack1/Clp/src/ClpEventHandler.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDummyMatrix.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyTaucs.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNode.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexNonlinear.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPrimalColumnDantzig.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPrimalColumnPivot.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcPrimalColumnDantzig.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp
Examining data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyPardiso.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDualRowPivot.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPresolve.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcSmallFactorization1.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcSmallFactorization3.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEPrimalColumnSteepest.hpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcSmallFactorization5.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpLinearObjective.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyWssmp.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcCommon.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpFactorization.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpNetworkMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPEDualRowSteepest.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyWssmpKKT.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyUfl.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp
Examining data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpPdco.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpDynamicExampleMatrix.hpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcWarmStart.cpp
Examining data/clp-1.17.5+repack1/Clp/src/CoinAbcHelperFunctions.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpSolve.hpp
Examining data/clp-1.17.5+repack1/Clp/src/MyMessageHandler.hpp
Examining data/clp-1.17.5+repack1/Clp/src/ClpCholeskyDense.cpp
Examining data/clp-1.17.5+repack1/Clp/src/AbcDualRowSteepest.cpp
Examining data/clp-1.17.5+repack1/BuildTools/headers/configall_system.h
Examining data/clp-1.17.5+repack1/BuildTools/headers/configall_system_msc.h
FINAL RESULTS:
data/clp-1.17.5+repack1/Clp/examples/network.cpp:43:6: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
fscanf(fp, "%s", temp);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:512:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%g was provided for %s - valid range is %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:531:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:553:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%g was provided for %s - valid range is %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:557:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:653:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%d was provided for %s - valid range is %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:658:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:687:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "using time of day %s was changed from %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:796:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%d was provided for %s - valid range is %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:809:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:841:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%g was provided for %s - valid range is %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:887:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:942:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%d was provided for %s - valid range is %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1007:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1097:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(current, definedKeyWords_[currentKeyWord_].c_str());
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1103:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newString, definedKeyWords_[value].c_str());
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1108:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "Option for %s changed from %s to %s",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1135:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(current, definedKeyWords_[currentKeyWord_].c_str());
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1140:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "Option for %s changed from %s to %s",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1144:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "Option for %s given illegal value %s",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1162:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%d was provided for %s - valid range is %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1167:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %d to %d",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1186:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%g was provided for %s - valid range is %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1191:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printArray, "%s was changed from %g to %g",
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1272:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, where);
data/clp-1.17.5+repack1/Clp/src/ClpHelperFunctions.cpp:125:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "%s: %d : \'%s\' failed.", fileName.c_str(), lineNumber, message.c_str());
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4059:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, rowName(i).c_str());
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4069:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, columnName(i).c_str());
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4104:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp2, "+%s", coinModel->getColumnName(kColumn));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4106:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp2, "-%s", coinModel->getColumnName(kColumn));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4108:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp2, "+%g*%s", value, coinModel->getColumnName(kColumn));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4110:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp2, "%g*%s", value, coinModel->getColumnName(kColumn));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4111:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, temp2);
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:6922:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(put, rowNames_[i].c_str());
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:6932:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(put, columnNames_[i].c_str());
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2287:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "Empty parametrics file %s?", dataFile);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2363:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "Odd first line %s on file %s?", line, dataFile);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2370:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "Not enough records on parametrics file %s?", dataFile);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2528:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(saveLine, line);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2535:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, " ** %d records did not match on name/sequence, first bad %s", nBadName, saveLine);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2555:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "Not enough records on parametrics file %s after COLUMNS?", dataFile);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2702:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(saveLine, line);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2709:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, " ** %d records did not match on name/sequence, first bad %s", nBadName, saveLine);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4217:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in, columnNames_[iSequence].c_str());
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4223:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(in, rowNames_[iSequence].c_str());
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4230:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out, columnNames_[iSequence].c_str());
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4236:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out, rowNames_[iSequence].c_str());
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7877:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(line, temp);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10531:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "%s %s", "Commands generated by guess -", environment);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:717:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "Cpu time for %s (%d rows, %d columns %d elements) %g elapsed %g ratio %g - %d iterations",
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1182:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info.buffer, buf);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2431:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printFormat, " - objective value %s\n",
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2433:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, printFormat, objValue);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2550:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pMask, pMask2 + 1);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2558:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pMask, pMask2 + 1);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2562:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pMask, pMask2);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2584:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(masks[0], pMask);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2773:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(printFormat, " %s %s\n",
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2800:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, printFormat, primalRowSolution[iRow],
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2834:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, printFormat,
data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.cpp:784:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, rowName.c_str());
data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.cpp:791:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, columnName.c_str());
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:64:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(algFound, kw->desc);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:339:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(Stderr, badfmt, what, i, j);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:344:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(Stderr, badfmt, what, i1, j1);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:371:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, argv[1]);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:732:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s %s", Oinfo.bsname, info->buffer);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1394:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1396:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%g+%s", constant, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1398:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%g%s", constant, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1401:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s+%s", expr, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1403:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s%s", expr, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1439:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1441:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%g+%s", constant, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1443:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%g%s", constant, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1446:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s+%s", expr, temp2);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1448:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%s%s", expr, temp2);
data/clp-1.17.5+repack1/Clp/src/unitTest.cpp:2369:15: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
int x = fscanf(fp, "%s", temp);
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:1446:44: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int extra = static_cast< int >(9.999 * random);
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:1524:40: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (abcFactorization_->pivots() >= random * maxNumber) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexFactorization.cpp:229:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environ = getenv("CLP_TWIDDLE");
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1215:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
environ = getenv("CBC_CLP_ENVIRONMENT");
data/clp-1.17.5+repack1/Clp/src/ClpFactorization.cpp:1543:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environ = getenv("CLP_TWIDDLE");
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:168:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double random;
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:173:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
tempRandom_[i] = random;
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:351:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double random;
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:355:53: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
wPrimal->quickInsert(primalDegenerates_[i], 0.5+random);
data/clp-1.17.5+repack1/Clp/src/ClpPresolve.cpp:373:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv(name)) {
data/clp-1.17.5+repack1/Clp/src/ClpPresolve.cpp:374:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
int val = atoi(getenv(name));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:2226:44: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int extra = static_cast< int >(9.999 * random);
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:2291:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
while (random < 0.45)
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:2292:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random *= 2.0;
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:2294:37: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (factorization_->pivots() >= random * maxNumber) {
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1470:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1596:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1751:36: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1811:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1858:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1894:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1967:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2324:36: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2871:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environVar = getenv("HOME");
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:361:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *environment = getenv("clp_options");
data/clp-1.17.5+repack1/Clp/examples/addBits.cpp:129:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/clp-1.17.5+repack1/Clp/examples/addBits.cpp:130:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%g + abs(%g*multiplier)", value, value);
data/clp-1.17.5+repack1/Clp/examples/addBits.cpp:152:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/clp-1.17.5+repack1/Clp/examples/addBits.cpp:153:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%g + (1.5*%g*multiplier)", triple.value(), triple.value());
data/clp-1.17.5+repack1/Clp/examples/decomp3.cpp:21:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxBlocks = atoi(argv[2]);
data/clp-1.17.5+repack1/Clp/examples/decompose.cpp:314:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveObj, objective2, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/decompose.cpp:326:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(objective2, saveObj, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/driverC.c:71:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modelName[80];
data/clp-1.17.5+repack1/Clp/examples/driverC.c:118:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/clp-1.17.5+repack1/Clp/examples/ekk_interface.cpp:45:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(clpSolution, rowSolution, numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/ekk_interface.cpp:83:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(clpSolution, columnSolution, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/ekk_interface.cpp:179:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowSolution, clp->primalRowSolution(), numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/ekk_interface.cpp:180:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowDual, clp->dualRowSolution(), numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/ekk_interface.cpp:189:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnSolution, clp->primalColumnSolution(),
data/clp-1.17.5+repack1/Clp/examples/ekk_interface.cpp:191:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnDual, clp->dualColumnSolution(), numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/hello.cpp:41:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[81];
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(statusArray,model2.statusArray(),numberColumns2+numberRows);
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:126:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(solution,model2.primalColumnSolution(),numberColumns2*sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:132:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(candidateRows,nextRows,nCandidate*sizeof(int));
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:139:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model2.statusArray(),statusArray,numberColumns2+numberRows);
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:140:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model2.primalColumnSolution(),solution,numberColumns2*sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:230:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model2.statusArray(),statusArray,numberColumns2+numberRows);
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:231:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model2.primalColumnSolution(),solution,numberColumns2*sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:240:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(statusArray,model2.statusArray(),numberColumns2+numberRows);
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:241:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(solution,model2.primalColumnSolution(),numberColumns2*sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:276:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(statusArray,model2.statusArray(),numberColumns+numberRows);
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:277:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(solution,model2.primalColumnSolution(),numberColumns*sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:280:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model2.statusArray(),statusArray,numberColumns+numberRows);
data/clp-1.17.5+repack1/Clp/examples/iis.cpp:281:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model2.primalColumnSolution(),solution,numberColumns*sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/network.cpp:28:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(argv[1], "r");
data/clp-1.17.5+repack1/Clp/examples/network.cpp:34:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("input.130", "r");
data/clp-1.17.5+repack1/Clp/examples/network.cpp:41:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/clp-1.17.5+repack1/Clp/examples/pdco.cpp:31:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fpin = fopen("./g.tiny", "r");
data/clp-1.17.5+repack1/Clp/examples/pdco.cpp:32:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fpp = fopen("./gparm.tiny", "r");
data/clp-1.17.5+repack1/Clp/examples/piece.cpp:68:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowLower2, rowLower1, numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/piece.cpp:69:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowUpper2, rowUpper1, numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/piece.cpp:227:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model.primalColumnSolution(), newSolution, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/piece.cpp:235:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveSol, solution, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/sprint.cpp:179:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model.primalRowSolution(), small.primalRowSolution(),
data/clp-1.17.5+repack1/Clp/examples/sprint.cpp:190:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(weight, model.objective(), numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/sprint2.cpp:38:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveLower, columnLower, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/sprint2.cpp:40:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveUpper, columnUpper, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/sprint2.cpp:55:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveObj, obj, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/sprint2.cpp:58:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(obj, saveObj, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/sprint2.cpp:121:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower, saveLower, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/sprint2.cpp:122:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnUpper, saveUpper, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/testBasis.cpp:75:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model.primalColumnSolution(), model2.primalColumnSolution(),
data/clp-1.17.5+repack1/Clp/examples/testBasis.cpp:77:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model.primalRowSolution(), model2.primalRowSolution(),
data/clp-1.17.5+repack1/Clp/examples/testGub.cpp:38:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxFactor = atoi(argv[2]);
data/clp-1.17.5+repack1/Clp/examples/testGub.cpp:169:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gubEnd, temp1, numberGub * sizeof(int));
data/clp-1.17.5+repack1/Clp/examples/testGub.cpp:176:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lower, temp2, numberGub * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/testGub.cpp:181:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upper, temp2, numberGub * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/testGub.cpp:280:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model3.statusArray(), model2.statusArray(),
data/clp-1.17.5+repack1/Clp/examples/testGub.cpp:298:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model3.statusArray(), model2.statusArray(),
data/clp-1.17.5+repack1/Clp/examples/testGub.cpp:418:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fp = fopen("xx.sol", "w");
data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp:34:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxFactor = atoi(argv[2]);
data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp:38:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxIts = atoi(argv[3]);
data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp:183:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gubEnd + putGub, temp1, numberGub * sizeof(int));
data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp:190:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lower + putGub, temp2, numberGub * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp:195:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upper + putGub, temp2, numberGub * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp:339:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyVariable, gubMatrix->keyVariable(), numberSets * sizeof(int));
data/clp-1.17.5+repack1/Clp/examples/testGub2.cpp:359:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fp = fopen("xx.sol", "w");
data/clp-1.17.5+repack1/Clp/examples/testQP.cpp:121:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gradient, quadraticObj->linearObjective(), numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp:228:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* infile = fopen("parameters", "r");
data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp:248:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(volprob.dsol.v, pi, dsize * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp:255:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pi, volprob.dsol.v, numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp:259:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveObj, model.objective(), numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp:260:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model.dualColumnSolution(), model.objective(),
data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp:263:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model.objective(), model.dualColumnSolution(),
data/clp-1.17.5+repack1/Clp/examples/useVolume.cpp:287:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model.objective(), saveObj, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/AbcDualRowSteepest.cpp:1150:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/AbcDualRowSteepest.cpp:1152:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Steep initial basis has %d structurals out of %d - initializing norms\n", numberRows - numberBasicSlacks, numberRows);
data/clp-1.17.5+repack1/Clp/src/AbcDualRowSteepest.cpp:1155:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Steep initial basis has %d structurals out of %d - too many\n", numberRows - numberBasicSlacks, numberRows);
data/clp-1.17.5+repack1/Clp/src/AbcDualRowSteepest.cpp:1280:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w, weights, numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/AbcDualRowSteepest.cpp:1281:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, pivotVariable, numberRows * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/AbcMatrix.cpp:102:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(countStart_, rhs.countStart_, reinterpret_cast< char * >(&countRealColumn_) - reinterpret_cast< char * >(countStart_));
data/clp-1.17.5+repack1/Clp/src/AbcMatrix.cpp:250:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(countStart_, rhs.countStart_, reinterpret_cast< char * >(&countRealColumn_) - reinterpret_cast< char * >(countStart_));
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:463:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToAbcSlack[6] = { 4, 6, 0 /*1*/, 1 /*0*/, 5, 7 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:478:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToAbc[6] = { 4, 6, 1, 0, 5, 7 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:1927:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToAbcSlack[6] = { 4, 6, 0 /*1*/, 1 /*0*/, 5, 7 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:1970:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToAbc[6] = { 4, 6, 1, 0, 5, 7 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:4400:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:4864:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookup[8] = { 2, 3, 255, 255, 0, 0, 1, 3 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:5146:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToAbcSlack[6] = { 4, 6, 0 /*1*/, 1 /*0*/, 5, 7 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:5223:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToAbc[6] = { 4, 6, 1, 0, 5, 7 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:5311:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToClpSlack[8] = { 2, 3, 255, 255, 0, 0, 1, 5 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:5318:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lookupToClp[8] = { 3, 2, 255, 255, 0, 0, 1, 5 };
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:233:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpFollow = fopen(forceFile, "r");
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:237:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int numberRead = atoi(argv[ifld + 1]);
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:238:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
force_iterations = atoi(argv[ifld + 1]);
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:242:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[300];
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4647:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(weight, weight2, sizeof(weight2));
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4845:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(weight, weight2, sizeof(weight2));
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:5858:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modelName[20];
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:5859:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(modelName,"model%d.mps",whichModel);
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:5861:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(modelName,"model%d.bas",whichModel);
data/clp-1.17.5+repack1/Clp/src/AbcSimplexFactorization.cpp:918:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/AbcSimplexFactorization.cpp:919:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "new zero tolerance %g new pivot tolerance %g",
data/clp-1.17.5+repack1/Clp/src/AbcSimplexPrimal.cpp:249:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fp = fopen("save.stuff", "rb");
data/clp-1.17.5+repack1/Clp/src/AbcSimplexPrimal.cpp:553:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fp = fopen("save.stuff", "wb");
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char printArray[250];
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:461:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1001];
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1094:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current[100];
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1095:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newString[100];
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1099:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(current, "minus%d", -currentKeyWord_ - 1000);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1101:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(current, "plus%d", currentKeyWord_ - 1000);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1105:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newString, "minus%d", -value - 1000);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1107:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newString, "plus%d", value - 1000);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current[100];
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1137:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(current, "minus%d", -currentKeyWord_ - 1000);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1139:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(current, "plus%d", currentKeyWord_ - 1000);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1201:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[1000];
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:4151:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "rb");
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:4244:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "rb");
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:4274:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "wb");
data/clp-1.17.5+repack1/Clp/src/ClpCholeskyBase.cpp:970:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, choleskyRow_, sizeFactor * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpCholeskyPardiso.cpp:610:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(x, region, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpDynamicExampleMatrix.cpp:164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status_, status, numberSets_ * sizeof(char));
data/clp-1.17.5+repack1/Clp/src/ClpDynamicExampleMatrix.cpp:317:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status_,status, numberSets_ * sizeof(char));
data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.cpp:1095:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status_ + numberSets_, status_, numberSets_);
data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.cpp:1096:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status_ + 2 * numberSets_, &numberActiveSets_, sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.cpp:1097:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dynamicStatus_ + maximumGubColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.cpp:1102:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status_, status_ + numberSets_, numberSets_);
data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.cpp:1103:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&numberActiveSets_, status_ + 2 * numberSets_, sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpDynamicMatrix.cpp:1104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dynamicStatus_, dynamicStatus_ + maximumGubColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpFactorization.cpp:52:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *types[10] = {
data/clp-1.17.5+repack1/Clp/src/ClpFactorization.cpp:1257:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&shortestAverage_, &rhs.shortestAverage_, 3 * (sizeof(double) + sizeof(int)));
data/clp-1.17.5+repack1/Clp/src/ClpFactorization.cpp:1342:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&shortestAverage_, &rhs.shortestAverage_, 3 * (sizeof(double) + sizeof(int)));
data/clp-1.17.5+repack1/Clp/src/ClpFactorization.cpp:2978:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&coinFactorizationA_->ftranCountInput_, save, sizeof(save));
data/clp-1.17.5+repack1/Clp/src/ClpHelperFunctions.cpp:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1000];
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:10:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
double damp, double atol, double btol, double conlim, int itnlim,
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:22:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char term_msg[8][80] = {
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:36:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[100], str2[100], str3[100], str4[100], head1[100], head2[100];
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:85:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(head1, " Itn x(1) Function");
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:86:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(head2, " Compatible LS Norm A Cond A");
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:92:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str1, "%6d %12.5e %10.3e", *itn, x[0], rnorm);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:93:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, " %8.1e %8.1e", test1, test2);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:195:26: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
double rtol = btol + atol * anorm * xnorm / bnorm;
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:216:18: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (test2 <= atol)
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:232:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
double atolold = atol;
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:233:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
double atolnew = atol;
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:235:11: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atol > info.atolmin) {
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:246:18: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol = atol * 0.1;
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:247:21: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atolnew = atol;
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:270:25: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (test2 <= 10 * atol)
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:279:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str1, " %6d %12.5e %10.3e", *itn, x[0], rnorm);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:280:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, " %8.1e %8.1e", test1, test2);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:281:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str3, " %8.1e %8.1e", anorm, acond);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:297:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str1, "istop =%8d itn =%8d", *istop, *itn);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:298:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, "anorm =%8.1e acond =%8.1e", anorm, acond);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:299:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str3, "rnorm =%8.1e arnorm =%8.1e", rnorm, arnorm);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.cpp:300:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str4, "bnorm =%8.1e xnorm =%8.1e", bnorm, xnorm);
data/clp-1.17.5+repack1/Clp/src/ClpLsqr.hpp:116:25: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
double damp, double atol, double btol, double conlim, int itnlim,
data/clp-1.17.5+repack1/Clp/src/ClpMain.cpp:240:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int n = atoi(argv[1]);
data/clp-1.17.5+repack1/Clp/src/ClpMain.cpp:243:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int nThreads = atoi(argv[2]);
data/clp-1.17.5+repack1/Clp/src/ClpMessage.cpp:129:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(source_, "Clp");
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:1340:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:1342:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "R%7.7d", iRow);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:1350:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:1353:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "C%7.7d", iColumn);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:2770:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, ray_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:2970:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName, "r");
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:2975:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(dataName, "r");
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3448:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3449:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "R%7.7d", iRow);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3484:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3485:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "C%7.7d", iColumn);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3566:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3567:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "R%7.7d", iRow);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3593:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3594:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "C%7.7d", iColumn);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3831:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rowNames = new char *[numberRows_ + 1];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3839:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3840:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "R%7.7d", iRow);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3855:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3857:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "R%7.7d", iRow);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3870:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
columnNames = new char *[numberColumns_];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3878:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3879:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "C%7.7d", iColumn);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3894:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3896:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "C%7.7d", iColumn);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4058:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[30];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4068:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[30];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4090:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100000];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4091:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp2[30];
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4092:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%g", constant);
data/clp-1.17.5+repack1/Clp/src/ClpModel.hpp:518:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnActivity_, input, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpNode.cpp:1179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[8];
data/clp-1.17.5+repack1/Clp/src/ClpPEDualRowSteepest.cpp:182:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char generalPrint[100];
data/clp-1.17.5+repack1/Clp/src/ClpPEDualRowSteepest.cpp:183:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "updating - iCurrent,iInterval %d,%d degenerate pivots %d ? %d codegen since last %d",
data/clp-1.17.5+repack1/Clp/src/ClpPEPrimalColumnSteepest.cpp:336:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char generalPrint[100];
data/clp-1.17.5+repack1/Clp/src/ClpPEPrimalColumnSteepest.cpp:338:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "coDegen = %d; coComp = %d; iCurrent_ = %d; compatibleColumns = %d",
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char generalPrint[200];
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:205:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Degenerate pivots : %d, compatibility time %.2f",
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:215:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "coDegenAvg/rows %g coCompatAvg/rows %g",
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:222:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "coDegenAvg/columns %g coCompatAvg/columns %g",
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:230:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "(coDegeneratePivots()-coDegenerateCompatiblePivots())/( (numberPivots-coCompatiblePivots()) %g", (static_cast< double >(coDegeneratePivots() - coDegenerateCompatiblePivots())) / (static_cast< double >(numberPivots - coCompatiblePivots())));
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:236:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "coDegenerateCompatiblePivots()/coCompatiblePivots() %g", static_cast< double >(coDegenerateCompatiblePivots()) / static_cast< double >(coCompatiblePivots()));
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:241:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "coDegeneratePivots()/ numberPivots %g", static_cast< double >(coDegeneratePivots()) / static_cast< double >(numberPivots));
data/clp-1.17.5+repack1/Clp/src/ClpPESimplex.cpp:245:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "coCompatiblePivots() %d coPriorityPivots() %d",
data/clp-1.17.5+repack1/Clp/src/ClpParameters.hpp:86:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reinterpret_cast< void * >(newArray), array, size * sizeof(T));
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:315:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char solver[7];
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:316:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(solver, " LSQR");
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:551:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol = CoinMin(atol, r3norm * 0.1);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:552:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atol = CoinMax(atol, atolmin);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:627:37: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
thisLsqr.do_lsqr(rhs, damp, atol, btol, conlim, itnlim,
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:784:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[100], str2[100], str3[100], str4[100], str5[100];
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:785:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str1, "\n%3g%5.1f", PDitns, log10(mu));
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:786:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, "%8.5f%8.5f", stepx, stepz);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:788:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, " %6.1e %6.1e", stepx, stepz);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:791:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str3, "%6.1f%6.1f", log10(Pinf), log10(Dinf));
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:792:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str4, "%6.1f%15.7e", log10(Cinf0), objtrue);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:793:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str5, "%3d%8.1f", nf, center);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:795:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str5, "%3d%8.1e", nf, center);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:845:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atolold = atol;
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:890:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[100], str2[100];
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:891:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str1, "\nPDitns =%10g", PDitns);
data/clp-1.17.5+repack1/Clp/src/ClpPdco.cpp:892:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, "itns =%10d", CGitns);
data/clp-1.17.5+repack1/Clp/src/ClpPlusMinusOneMatrix.cpp:2364:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elements_, tempDifferent, numberDifferent_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpPredictorCorrector.cpp:32:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fp = fopen(fileName.c_str(), "wb");
data/clp-1.17.5+repack1/Clp/src/ClpPredictorCorrector.cpp:967:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/clp-1.17.5+repack1/Clp/src/ClpPredictorCorrector.cpp:968:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "save.sol.%d", kk);
data/clp-1.17.5+repack1/Clp/src/ClpPredictorCorrector.cpp:971:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fp = fopen(name, "wb");
data/clp-1.17.5+repack1/Clp/src/ClpPresolve.cpp:374:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(getenv(name));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:1016:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xsave,xx,numberRows_*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:1017:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xsave+numberRows_,solution_,(numberRows_+numberColumns_)*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:5900:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowLower_, saveLower, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:5901:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowUpper_, saveUpper, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:6812:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName, "wb");
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:7009:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName, "rb");
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:7124:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
status_ = new char unsigned[length];
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:7632:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:7738:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fullname.c_str(), "w");
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:8041:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1000];
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:8043:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%d unscaled row infeasibilities - summing to %g",
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:8054:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%d relaxed row infeasibilities - summing to %g",
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:10568:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower_, tempColumn, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:10569:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowLower_, tempRow, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:10670:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, ray_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:11044:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, columnLower_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:11046:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save + numberColumns_, columnUpper_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:11070:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower_, save,
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:11072:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnUpper_, save + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:1250:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(savePSol, solution_, (numberColumns_ + numberRows_) * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:1251:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveDj, dj_, (numberColumns_ + numberRows_) * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:1252:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveCost, cost_, (numberColumns_ + numberRows_) * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:1253:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveStat, status_, (numberColumns_ + numberRows_) * sizeof(char));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:2129:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(solution_, comp, nTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:2884:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpFollow = fopen(forceFile, "r");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:2890:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[300];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5145:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[20];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5146:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "sol%d.out", ixxxxxx);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5148:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(temp, "w");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5180:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, cost_, nTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5181:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp + nTotal, cost_, nTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5204:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, cost_, nTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5205:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp + nTotal, cost_, nTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5212:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cost_, cost_ + nTotal, nTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5341:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cost_ + nTotal, cost_, nTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5384:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[20];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5385:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "x_sol%d.out", ixxxxxx);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5386:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(temp, "w");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:5470:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cost_, saveCost, numberTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:6579:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(weight, weight2, sizeof(weight2));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8331:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lower_, columnLower_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8332:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upper_, columnUpper_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8333:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lower_ + numberColumns_, rowLower_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8334:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upper_ + numberColumns_, rowUpper_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:642:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[8];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:643:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(x, &value, 8);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:651:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[20];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:652:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "w");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:752:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName, "r");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:1244:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reducedCost_, this->objective(), numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:1759:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xxxx[20];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:1760:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xxxx, "bad%d.mps", which);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:1762:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xxxx, "largebad%d.mps", which);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2129:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2130:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Crossover considerations reduce ending theta from %g to %g\n",
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2241:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2242:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Can not get to theta of %g\n", startingTheta);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2266:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2267:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Ending theta %g\n", endingTheta);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2278:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(dataFile, "r");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2279:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[200];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2347:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
detail = atoi(pos);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2381:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char saveLine[200];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2442:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **rowNames = new char *[numberRows_];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2493:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iRow = atoi(pos);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2531:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%d Row fields and %d records", nAcross, nLine);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2546:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Duplicate or unknown keyword - or name/number fields wrong");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2612:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **columnNames = new char *[numberColumns_];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2666:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iColumn = atoi(pos);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2705:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%d Column fields and %d records", nAcross, nLine);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:2720:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Duplicate or unknown keyword - or name/number fields wrong");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3009:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowerChange, lowerChangeBound, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3011:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upperChange, upperChangeBound, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3013:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowerChange + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3016:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upperChange + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3036:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveLower + unscaledChangesOffset, lowerChange, numberTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3037:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveUpper + unscaledChangesOffset, upperChange, numberTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3060:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowerCopy, columnLower_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3061:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upperCopy, columnUpper_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3062:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowerCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3064:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upperCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3070:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unscaledCopy, columnLower_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3071:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unscaledCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3074:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unscaledCopy, columnUpper_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3075:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unscaledCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3103:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveLower, lower_, numberTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3109:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveUpper, upper_, numberTotal * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3240:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower_, lowerCopy, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3241:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnUpper_, upperCopy, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3242:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowLower_, lowerCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3244:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowUpper_, upperCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3250:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower_, unscaledCopy, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3251:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowLower_, unscaledCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3254:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnUpper_, unscaledCopy, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3255:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowUpper_, unscaledCopy + numberColumns_,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3275:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3276:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Ending theta %g\n", endingTheta);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3354:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower_, lower_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3355:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowLower_, lower_ + numberColumns_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3356:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnUpper_, upper_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3357:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowUpper_, upper_ + numberColumns_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3680:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower_, saveLower, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3681:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowLower_, saveLower + numberColumns_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3683:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnUpper_, saveUpper, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:3684:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowUpper_, saveUpper + numberColumns_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4213:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[200], out[200];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4219:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(in, "C%7.7d", iSequence);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4225:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(in, "R%7.7d", iSequence);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4232:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(out, "C%7.7d", iSequence);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4238:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(out, "R%7.7d", iSequence);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4550:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowerSave, columnLower_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4551:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowerSave + numberColumns_, rowLower_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4552:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upperSave, columnUpper_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4553:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upperSave + numberColumns_, rowUpper_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:4644:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempArray,array,numberRows_*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5043:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(checkArray,lowerCoefficient,numberRows_*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5068:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(checkArray,upperCoefficient,numberRows_*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5156:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(checkArray,lowerCoefficient,numberRows_*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5167:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(checkArray,upperCoefficient,numberRows_*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5803:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reducedCost_, this->objective(), numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5905:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[100];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5908:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(message, "%d gub rows", numberGub);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:5918:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(message, "Putting back one gub row to make non-empty");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:6132:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(message, "** Before adding matrix there are %d rows and %d columns",
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:6169:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(message,
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7113:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lower_, columnLower_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7114:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lower_ + numberColumns_, rowLower_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7115:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upper_, columnUpper_, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7116:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upper_ + numberColumns_, rowUpper_, numberRows_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7117:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cost_, objective(), numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7850:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[520], temp[50];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7855:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "dupj %d,%d %d els ",
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7867:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "(%g,%g) ", element[k], element[k + ishift]);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7880:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line, "...");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8259:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8260:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Threshold %d found %d fixed %d", threshold, numberLook, nMoved);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8371:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, where.startStuff, k);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8376:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(put, info, sizeInfo);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8378:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(put, indices, numberElements * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8380:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(put, elements, numberElements * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8395:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, get, sizeof(clpPresolveInfo1_4_8));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8396:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisInfoX, get, sizeof(clpPresolveInfo1_4_8));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8406:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, get, sizeof(clpPresolveInfo8));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8407:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisInfoX, get, sizeof(clpPresolveInfo8));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8416:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, get, sizeof(clpPresolveInfo2));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8417:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisInfoX, get, sizeof(clpPresolveInfo2));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8425:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, get, sizeof(clpPresolveInfo11));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8426:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisInfoX, get, sizeof(clpPresolveInfo11));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8435:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, get, sizeof(clpPresolveInfo13));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8436:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisInfoX, get, sizeof(clpPresolveInfo13));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8444:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, get, sizeof(clpPresolveInfo14));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8445:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisInfoX, get, sizeof(clpPresolveInfo14));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8452:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(where.indices, get, n * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8454:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(where.elements, get, n * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8478:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(element + put, element + start, length * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8479:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row + put, row + start, length * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8509:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(element + put, element + start, n * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8510:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row + put, row + start, n * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8523:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(element + put, element + start, n * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8524:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row + put, row + start, n * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8979:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, row + lastElement, numberElements * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:8980:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(element, element + lastElement, numberElements * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9463:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(infoData, infoA, nActions * sizeof(clpPresolveInfo));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9465:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info2, startStuff, stuff.putStuff - startStuff);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9539:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, row + lastElement, numberElements * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9540:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(element, element + lastElement, numberElements * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9678:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, getStuff, sizeof(clpPresolveInfo1_4_8));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9687:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, getStuff, sizeof(clpPresolveInfo2));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9702:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, getStuff, sizeof(clpPresolveInfo11));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9711:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, getStuff, sizeof(clpPresolveInfo13));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9720:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&thisInfo, getStuff, sizeof(clpPresolveInfo14));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:9780:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(objectiveX, this->objective(), numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10103:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowX + start, tempIndex, newLength * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10104:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elementX + start, tempElement, newLength * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10201:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowX + start, row + startOriginal, newLength * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10202:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elementX + start, element + startOriginal, newLength * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10240:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowX + start, tempIndex, newLength * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10241:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elementX + start, tempElement, newLength * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10298:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rowX + start, tempIndex, length * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10299:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elementX + start, tempElement, length * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10449:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempIndex, row + start, length * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10450:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempElement, element + start, length * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10521:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(environment, "-idiot 30 -pertvalue -1483 -primals");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10523:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(environment, "-idiot 60 -primals");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10526:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(environment, "-dualpivot pesteep -psi 1.0 -pertv 52 -duals");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10528:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(environment, "-idiot 80 -primals");
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:10530:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[140];
data/clp-1.17.5+repack1/Clp/src/ClpSimplexPrimal.cpp:1404:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(objective(), saveObjective, numberColumns_ * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:397:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *types[MAX_TYPES];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:666:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[3];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:667:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", numberCpu);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:675:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[200];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:681:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%d cilk workers", number_cilk_workers);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:1073:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(check, elementByColumn, numberElements * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:1253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[80];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:1256:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(output, "Pool matrix has %d different values",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:1261:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(output, "Pool matrix has more than %d different values - no good",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:2248:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.dualRowSolution(), dualModel2->primalColumnSolution(),
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:2250:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.primalColumnSolution(), model2->primalColumnSolution(),
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:2268:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dualColumn[i], model2->objective(),
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:2356:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(model2->objective(), saveObj, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:2943:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:2944:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "sample size increased from %d to %d",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:4797:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(whichRow + n, coinModel.coinBlock(jBlock)->originalRows(), k * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:4813:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(whichColumn + n, coinModel.coinBlock(jBlock)->originalColumns(),
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5341:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char generalPrint[200];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5345:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Time to decompose %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5363:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Start of pass %d", iPass);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5397:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Sum of artificials before solve is %g", sumArtificials);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5544:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveObj, objective2, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5610:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(objective2, saveObj, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5644:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "For subproblem %d smallest - %g, largest %g - dj %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5679:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "For subproblem ray %d smallest - %g, largest %g - dj %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5705:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Time at end of D-W %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5816:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Time before cleanup of full model %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:5821:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Total time %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6060:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char generalPrint[200];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6405:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].rowLower(), numberRows2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6407:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].columnLower(), numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6409:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].rowUpper(), numberRows2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6411:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].columnUpper(), numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6428:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Time to decompose %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6458:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].rowLower(), numberRows2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6460:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].columnLower(), numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6462:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].rowUpper(), numberRows2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6464:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(save, sub[iBlock].columnUpper(), numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6485:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Start of pass %d", iPass);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6536:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Pass %d objective %g change %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6620:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "%d at artificial bound", nTrusted);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6622:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "All at natural bounds");
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6698:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "The sum of dual infeasibilities is %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6778:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(obj, saveObjective[iBlock], originalSubColumns[iBlock] * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6789:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lower2, saveLower, numberRows2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6792:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnLower2, saveColumnLower, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6795:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(upper2, saveUpper, numberRows2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6798:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(columnUpper2, saveColumnUpper, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6848:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lastMod, rhs, numberRows2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6886:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "First block - initial solve - %d iterations, objective %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6898:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sub[iBlock].primalColumnSolution(),
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6901:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sub[iBlock].statusArray(), sub[0].statusArray(),
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7005:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7006:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "pass_%d_block_%d.mps", iPass, iBlock);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7008:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "pass_%d_block_%d.bas", iPass, iBlock);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7056:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Block %d - %d iterations, objective %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7079:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(obj, saveObj, numberColumns2 * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7212:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "For subproblem %d smallest - %g, largest %g - infeas %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7218:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Removing small elements");
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7575:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "new objValue %g - old %g", objValue7, objValue);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7590:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp3, temp2, numberMasterColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7619:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "For subproblem ray %d smallest - %g, largest %g - infeas %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7626:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Removing small elements");
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7672:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "%d cuts added with %d elements",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7709:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Rhs for cut %d (from block %d) does not cutoff sum2 %g sum %g rhs %g)",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7717:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Rhs for cut %d (from block %d) is %g too low (rhs is %g)",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7726:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Rhs for cut %d (from block %d) is %g ineffective (rhs is %g)",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7753:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Cut %d makes infeasible - upper=%g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7759:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Cut %d makes too expensive - upper=%g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7852:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Time at end of Benders %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7947:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "%d row basic %d col basic (total %d) - wanted %d",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7954:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "%d infeasibilities summing to %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7961:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Time before cleanup of full model %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:7970:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Total time %.2f seconds", CoinCpuTime() - time1);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.hpp:439:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char way_[CLP_CYCLE];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:320:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char generalPrint[10000];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:331:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (equals && atoi(equals + 1) > 0) {
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:333:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
info.logLevel = atoi(equals + 1);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:360:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (i < info.numberArguments - 1 && atoi(info.arguments[i + 1]) > 0)
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:402:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "Ampl objective offset is %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:781:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[3];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:782:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", action);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1098:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("user_driver.cpp", "w");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1124:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1128:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "optimal,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1131:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "infeasible,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1134:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "unbounded,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1136:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "stopped on iterations or time,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1139:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "stopped on difficulties,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1142:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "stopped on ctrl-c,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1145:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "integer infeasible,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1148:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, "status unknown,");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1153:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(buf + pos, " objective %.*g", ampl_obj_prec(),
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1155:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf + pos, "\n%d iterations",
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1314:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char generalPrint[100];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1316:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(generalPrint, "After translating dual back to primal - objective value is %g",
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1499:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(gmplData.c_str(), "r");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1545:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "r");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1607:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "w");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1661:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rowNames = new char * [numberRows];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1678:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
columnNames = new char * [numberColumns];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1762:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "r");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1822:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "w");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1905:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "wb");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1978:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName.c_str(), "rb");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2104:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fields[4];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2169:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int size = atoi(argv[i + 1]);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2174:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int size = atoi(argv[i + 1]);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2199:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fields[2];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2336:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fileName.c_str(), "w");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2338:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fileName.c_str(), "a");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2430:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char printFormat[50];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2542:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pMask[100];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2577:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
masks = new char *[maxMasks];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2578:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **newMasks = new char *[maxMasks];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:3788:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fpBlocks = fopen("blocks.data", "wb");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:3805:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:3807:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "block%d.mps", iBlock);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:4454:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fileName, "r");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:4459:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXLINES][MAXONELINE];
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:4467:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line[numberLines], "5 clpModel->initialSolve(clpSolve);");
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:4469:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fileName, "w");
data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.cpp:157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *vString[10];
data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.cpp:681:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, ray, numberRows * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.cpp:697:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, ray, numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char algFound[20] = "";
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:120:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char xxxxxx[20];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:362:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempBuffer[20];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[1000];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:379:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (equals && atoi(equals + 1) >= 10 && atoi(equals + 1) <= 20) {
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:379:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (equals && atoi(equals + 1) >= 10 && atoi(equals + 1) <= 20) {
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:380:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nonLinearType = atoi(equals + 1);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:451:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosPriority, sospri, nsos * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:452:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosStart, sosbeg, (nsos + 1) * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:453:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosIndices, sosind, nsosnz * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:454:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosReference, sosref, nsosnz * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:521:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->primalSolution, X0, n_var * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:546:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".nl");
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:711:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:923:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosPriority, sospri, nsos * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:924:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosStart, sosbeg, (nsos + 1) * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:925:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosIndices, sosind, nsosnz * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:926:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->sosReference, sosref, nsosnz * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:978:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(primalSolution, X0, n_var * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[9];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1333:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "r%7.7d", iRow);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[9];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1339:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "c%7.7d", iColumn);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1386:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1000];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1387:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp2[30];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1389:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp2, "c%7.7d", kColumn);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1391:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp2, "%g*c%7.7d", value, kColumn);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1431:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1000];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1432:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp2[30];
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1434:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp2, "c%7.7d", kColumn);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1436:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp2, "%g*c%7.7d", value, kColumn);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1492:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prioritySOS_, sospri, nsos * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1493:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(startSOS_, sosbeg, (nsos + 1) * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1494:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(memberSOS_, sosind, nsosnz * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1495:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(referenceSOS_, sosref, nsosnz * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.h:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization1.cpp:724:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization1.cpp:725:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "need more memory lengthArea %d number %d done %d areaFactor %g",
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization1.cpp:733:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization1.cpp:734:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Bad pivot values - increasing pivot tolerance to %g",
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization1.cpp:751:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization1.cpp:752:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%d factorization compressions, lengthArea %d number %d new areaFactor %g",
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization2.cpp:1028:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xxx[17000];
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization3.cpp:1063:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,region,numberRows_*sizeof(CoinSimplexDouble));
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization3.cpp:2267:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(indexSave, regionSparse->getIndices(), numberNonZero * sizeof(CoinSimplexInt));
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization4.cpp:2601:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(indexU2, indexU2Save, numberInColumnU2 * sizeof(CoinSimplexInt));
data/clp-1.17.5+repack1/Clp/src/CoinAbcCommon.hpp:250:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(to, from, size * sizeof(T));
data/clp-1.17.5+repack1/Clp/src/CoinAbcHelperFunctions.cpp:638:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, arrayFrom, size * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/CoinAbcHelperFunctions.cpp:642:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, arrayFrom, size * sizeof(int));
data/clp-1.17.5+repack1/Clp/src/CoinAbcHelperFunctions.cpp:646:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, arrayFrom, size * sizeof(unsigned char));
data/clp-1.17.5+repack1/Clp/src/IdiSolve.cpp:947:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
cilk_spawn memcpy(piX[i], pi, nrows * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/IdiSolve.cpp:948:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
cilk_spawn memcpy(rowsolX[i], rowsol, nrows * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Idiot.cpp:1821:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[200];
data/clp-1.17.5+repack1/Clp/src/Idiot.cpp:1822:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveBounds, lower, ncols * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Idiot.cpp:1823:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveBounds + ncols, upper, ncols * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Idiot.cpp:1917:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "sum of infeasibilities %g - %d fixed rows, %d fixed columns - might free %d rows",
data/clp-1.17.5+repack1/Clp/src/Idiot.cpp:1945:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "sum of infeasibilities %g - average %g, %d fixed columns",
data/clp-1.17.5+repack1/Clp/src/Idiot.cpp:1957:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveModel->columnLower(), saveBounds, ncols * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/Idiot.cpp:1958:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveModel->columnUpper(), saveBounds + ncols, ncols * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:949:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[20];
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:950:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fileName, "save%d.mod", resolveTry);
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:2630:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(djs, modelPtr_->objective(), numberColumns * sizeof(double));
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:2895:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fBig,modelPtr_->columnLower_,numberColumns*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:2921:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(effectiveRhs2,modelPtr_->rowUpper_,numberRows*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:3012:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(modelPtr_->status_, saveStatus, numberRows + numberColumns);
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:3950:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(modelPtr_->dualColumnSolution(), modelPtr_->objective(),
data/clp-1.17.5+repack1/Clp/src/OsiClp/OsiClpSolverInterface.cpp:5910:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fullname.c_str(), "w");
data/clp-1.17.5+repack1/Clp/src/unitTest.cpp:2357:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fn.c_str(), "r");
data/clp-1.17.5+repack1/Clp/src/unitTest.cpp:2361:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fn.c_str(), "r");
data/clp-1.17.5+repack1/Clp/src/unitTest.cpp:2367:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp:780:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp:781:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp,"%g + abs(%g*multiplier)",value,value);
data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp:803:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp:804:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp,"%g + (1.5*%g*multiplier)",triple.value(), triple.value());
data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp:854:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fakeCost,m.getObjCoefficients(),numberColumns*sizeof(double));
data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp:970:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(djsNow, m.getReducedCost(),numberColumns*sizeof(double));
data/clp-1.17.5+repack1/Clp/test/OsiClpSolverInterfaceTest.cpp:971:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dualsNow,m.getRowPrice(),numberRows*sizeof(double));
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:4432:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast<unsigned int> (strlen(name)));
data/clp-1.17.5+repack1/Clp/src/AbcSimplex.cpp:4444:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast<unsigned int> (strlen(name)));
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:232:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!fpFollow && strlen(forceFile)) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:3992:20: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
CoinRelFltEq equal;
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:3995:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcUpper_[iSequence], (lowerValue + currentDualBound_)) || !(equal(abcUpper_[iSequence], value) || equal(abcLower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:3995:83: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcUpper_[iSequence], (lowerValue + currentDualBound_)) || !(equal(abcUpper_[iSequence], value) || equal(abcLower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:3995:121: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcUpper_[iSequence], (lowerValue + currentDualBound_)) || !(equal(abcUpper_[iSequence], value) || equal(abcLower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4006:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcLower_[iSequence], (upperValue - currentDualBound_)) || !(equal(abcUpper_[iSequence], value) || equal(abcLower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4006:83: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcLower_[iSequence], (upperValue - currentDualBound_)) || !(equal(abcUpper_[iSequence], value) || equal(abcLower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4006:121: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcLower_[iSequence], (upperValue - currentDualBound_)) || !(equal(abcUpper_[iSequence], value) || equal(abcLower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4036:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcLower_[iSequence], lowerValue))
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4038:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcUpper_[iSequence], upperValue))
data/clp-1.17.5+repack1/Clp/src/AbcSimplexDual.cpp:4049:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(abcUpper_[iSequence], abcLower_[iSequence])) {
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:459:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = static_cast< int >(strlen(input));
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:503:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (doPrinting && strlen(printArray))
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:543:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (doPrinting && strlen(printArray))
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:643:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (doPrinting && strlen(printArray))
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:787:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (doPrinting && strlen(printArray))
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:832:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (doPrinting && strlen(printArray))
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:933:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (doPrinting && strlen(printArray))
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1220:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(environ);
data/clp-1.17.5+repack1/Clp/src/CbcOrClpParam.cpp:1240:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(line);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:2937:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name)));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:2945:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name)));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3020:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name)));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3028:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name)));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3338:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(rowNames_[iRow].c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3344:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(columnNames_[iColumn].c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3425:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(rowNames_[iRow].c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3431:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(columnNames_[iColumn].c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3467:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name.c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3503:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name.c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3522:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(rowNames_[iRow - first].c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3542:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(columnNames_[iColumn - first].c_str())));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3561:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rowNames && rowNames[iRow - first] && strlen(rowNames[iRow - first])) {
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3563:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(rowNames[iRow - first])));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3588:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (columnNames && columnNames[iColumn - first] && strlen(columnNames[iColumn - first])) {
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3590:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(columnNames[iColumn - first])));
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3846:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(xx);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:3885:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(xx);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4060:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(temp);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4070:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(temp);
data/clp-1.17.5+repack1/Clp/src/ClpModel.cpp:4112:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(temp) < 100000);
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:7693:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name)));
data/clp-1.17.5+repack1/Clp/src/ClpSimplex.cpp:7705:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxLength = CoinMax(maxLength, static_cast< unsigned int >(strlen(name)));
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:2883:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!fpFollow && strlen(forceFile)) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8177:20: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
CoinRelFltEq equal;
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8180:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(upper_[iSequence], (lowerValue + dualBound_)) || !(equal(upper_[iSequence], value) || equal(lower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8180:73: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(upper_[iSequence], (lowerValue + dualBound_)) || !(equal(upper_[iSequence], value) || equal(lower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8180:108: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(upper_[iSequence], (lowerValue + dualBound_)) || !(equal(upper_[iSequence], value) || equal(lower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8191:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(lower_[iSequence], (upperValue - dualBound_)) || !(equal(upper_[iSequence], value) || equal(lower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8191:73: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(lower_[iSequence], (upperValue - dualBound_)) || !(equal(upper_[iSequence], value) || equal(lower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8191:108: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(lower_[iSequence], (upperValue - dualBound_)) || !(equal(upper_[iSequence], value) || equal(lower_[iSequence], value))) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8221:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(lower_[iSequence], lowerValue))
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8223:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(upper_[iSequence], upperValue))
data/clp-1.17.5+repack1/Clp/src/ClpSimplexDual.cpp:8234:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal(upper_[iSequence], lower_[iSequence])) {
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7857:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(line);
data/clp-1.17.5+repack1/Clp/src/ClpSimplexOther.cpp:7875:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n2 = strlen(temp);
data/clp-1.17.5+repack1/Clp/src/ClpSolve.cpp:6012:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1441:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(c_name);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1668:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(xx);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:1685:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(xx);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2543:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t lengthMask = strlen(pMask2);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2592:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(oldMask) - 1;
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2615:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(maskThis);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2793:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(name);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:2827:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(name);
data/clp-1.17.5+repack1/Clp/src/ClpSolver.cpp:4430:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(checkC);
data/clp-1.17.5+repack1/Clp/src/Clp_C_Interface.cpp:477:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(array, name.c_str(), maxNumberCharacters - 1);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:61:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(v))
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:70:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(v))
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:88:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(phrase))
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:90:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(phrase)) {
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:616:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(algFound)) {
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:629:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int getChar = getc(stdin);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1011:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nl = jac0dim(stub, (ftnlen)strlen(stub));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1116:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nl = jac0dim(stub, (ftnlen)strlen(stub));
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1405:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(temp) < 1000);
data/clp-1.17.5+repack1/Clp/src/Clp_ampl.cpp:1450:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(temp) < 1000);
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization4.cpp:3457:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000000);
data/clp-1.17.5+repack1/Clp/src/CoinAbcBaseFactorization4.cpp:3844:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000000);
ANALYSIS SUMMARY:
Hits = 798
Lines analyzed = 227213 in approximately 5.34 seconds (42546 lines/second)
Physical Source Lines of Code (SLOC) = 187655
Hits@level = [0] 2449 [1] 81 [2] 614 [3] 25 [4] 78 [5] 0
Hits@level+ = [0+] 3247 [1+] 798 [2+] 717 [3+] 103 [4+] 78 [5+] 0
Hits/KSLOC@level+ = [0+] 17.303 [1+] 4.25248 [2+] 3.82084 [3+] 0.54888 [4+] 0.415656 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.