Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/cmor-3.6.0/include/cmor_md5.h Examining data/cmor-3.6.0/include/cdTime/fcddrs.h Examining data/cmor-3.6.0/include/cdTime/cdms.h Examining data/cmor-3.6.0/include/cdTime/cdunif.h Examining data/cmor-3.6.0/include/cdTime/cddrs.h Examining data/cmor-3.6.0/include/cdTime/drscdf.h Examining data/cmor-3.6.0/include/cdTime/gaussLats.h Examining data/cmor-3.6.0/include/cdTime/drsdef.h Examining data/cmor-3.6.0/include/cdTime/cdmsint_new.h Examining data/cmor-3.6.0/include/cdTime/cdmsint.h Examining data/cmor-3.6.0/include/cdTime/isdb.h Examining data/cmor-3.6.0/include/cdTime/cddrsint.h Examining data/cmor-3.6.0/include/cdTime/gx.h Examining data/cmor-3.6.0/include/cdTime/cdunifint.h Examining data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp_frename.h Examining data/cmor-3.6.0/include/cdTime/cdunifpp/vardef.h Examining data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h Examining data/cmor-3.6.0/include/cdTime/cdunifpp/crayio.h Examining data/cmor-3.6.0/include/cdTime/cdunifpp/util.h Examining data/cmor-3.6.0/include/cdTime/grads.h Examining data/cmor-3.6.0/include/cdTime/cdrra.h Examining data/cmor-3.6.0/include/cdTime/cfortran.h Examining data/cmor-3.6.0/include/cmor_func_def.h Examining data/cmor-3.6.0/include/cmor.h Examining data/cmor-3.6.0/Test/test_cmor_grid_unstructured_3d_fabi.c Examining data/cmor-3.6.0/Test/test_cmor_append_associated_point.c Examining data/cmor-3.6.0/Test/test_lots_of_variables.c Examining data/cmor-3.6.0/Test/test_cmor_grid_unstructured_fabi.c Examining data/cmor-3.6.0/Test/test_cmor_depth_coord_half.c Examining data/cmor-3.6.0/Test/test_singletons.c Examining data/cmor-3.6.0/Test/test_unit_cat_unique.c Examining data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c Examining data/cmor-3.6.0/Test/test_sdepth1_float.c Examining data/cmor-3.6.0/Test/test_cmor_singleton_and_generic.c Examining data/cmor-3.6.0/Test/reader_2D_3D.h Examining data/cmor-3.6.0/Test/ipcc_test_code.c Examining data/cmor-3.6.0/Test/test_grid.c Examining data/cmor-3.6.0/Test/test_cmor_append_associated.c Examining data/cmor-3.6.0/Src/cmor_axes.c Examining data/cmor-3.6.0/Src/_controlvocabulary.c Examining data/cmor-3.6.0/Src/cmor_grids.c Examining data/cmor-3.6.0/Src/cdTime/timeConv.c Examining data/cmor-3.6.0/Src/cdTime/reg_trfm.c Examining data/cmor-3.6.0/Src/cdTime/timeArith.c Examining data/cmor-3.6.0/Src/cdTime/cdTimeConv.c Examining data/cmor-3.6.0/Src/cdTime/fcdTimeConv.c Examining data/cmor-3.6.0/Src/cdTime/cdUtil.c Examining data/cmor-3.6.0/Src/cdTime/cdRegTrfm.c Examining data/cmor-3.6.0/Src/cmor_variables.c Examining data/cmor-3.6.0/Src/cmor_CV.c Examining data/cmor-3.6.0/Src/cmor_cfortran_interface.c Examining data/cmor-3.6.0/Src/_cmormodule.c Examining data/cmor-3.6.0/Src/cmor_tables.c Examining data/cmor-3.6.0/Src/cmor_md5.c Examining data/cmor-3.6.0/Src/cmor.c FINAL RESULTS: data/cmor-3.6.0/Src/cmor.c:4496:13: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(outname, "/", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5553:13: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(szJoin, tmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5565:17: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(szJoin, tmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5570:13: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(szJoin, tmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5580:13: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(szJoin, szToken, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5590:21: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(szJoin, tmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5597:25: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(szJoin, tmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5605:17: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(szJoin, szToken, CMOR_MAX_STRING); data/cmor-3.6.0/Src/_cmormodule.c:756:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(nms[i], PyUnicode_AsUTF8(tmp)); data/cmor-3.6.0/Src/_cmormodule.c:758:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(nms[i], PyString_AsString(tmp)); data/cmor-3.6.0/Src/_cmormodule.c:763:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(units[i], PyUnicode_AsUTF8(tmp)); data/cmor-3.6.0/Src/_cmormodule.c:765:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(units[i], PyString_AsString(tmp)); data/cmor-3.6.0/Src/_controlvocabulary.c:327:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attribute_name, cmor_vars[var_id].attributes[i]); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:132:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. nconv = sscanf(relunits,"%s since %s %s",charunits,basetime_1,basetime_2); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:177:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basetime,CD_DEFAULT_BASEYEAR); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:185:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basetime,basetime_1); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:190:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(basetime,"%s %s",basetime_1,basetime_2); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:205:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. nconv = sscanf(deltaTime,"%lf %s",value,charunits); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:625:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. nconv = sscanf(absunits,"%s as %s",charunits,format); data/cmor-3.6.0/Src/cdTime/cdUtil.c:38:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, args); data/cmor-3.6.0/Src/cmor.c:261:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(astr, value); data/cmor-3.6.0/Src/cmor.c:288:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "forcing attribute elt %i (%s) is not valid for\n! " data/cmor-3.6.0/Src/cmor.c:421:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmor_traceback_info, "%s\n! ", name); data/cmor-3.6.0/Src/cmor.c:423:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp, "%s\n! called from: %s", name, cmor_traceback_info); data/cmor-3.6.0/Src/cmor.c:440:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, &cmor_traceback_info[i + 13]); data/cmor-3.6.0/Src/cmor.c:444:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmor_traceback_info, tmp); data/cmor-3.6.0/Src/cmor.c:805:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:811:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1226:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szFullName, szFilename); data/cmor-3.6.0/Src/cmor.c:1361:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szVal, json_object_get_string(value)); data/cmor-3.6.0/Src/cmor.c:1544:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1666:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1674:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1688:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg,"%s/tmp%i.cmor.test", data/cmor-3.6.0/Src/cmor.c:1693:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1707:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1718:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1728:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1950:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "%s_bnds", data/cmor-3.6.0/Src/cmor.c:2439:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:2838:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(msg, ctmp); data/cmor-3.6.0/Src/cmor.c:2850:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, CMOR_MAX_STRING, GLOBAL_ATT_TITLE_MSG, ctmp, data/cmor-3.6.0/Src/cmor.c:2999:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szTemplate, cmor_current_dataset.history_template); data/cmor-3.6.0/Src/cmor.c:3001:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(ctmp, CMOR_MAX_STRING, data/cmor-3.6.0/Src/cmor.c:3124:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmor_current_dataset.tracking_id, myuuid_str); data/cmor-3.6.0/Src/cmor.c:3369:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "Inverted axis: %s", data/cmor-3.6.0/Src/cmor.c:3552:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctmp, data/cmor-3.6.0/Src/cmor.c:4519:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ctmp, data/cmor-3.6.0/Src/cmor.c:4556:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(outpath, outname); data/cmor-3.6.0/Src/cmor.c:5529:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path_template, templateSTH); data/cmor-3.6.0/Src/cmor.c:5554:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szJoin, separator); data/cmor-3.6.0/Src/cmor.c:5567:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szJoin, separator); data/cmor-3.6.0/Src/cmor.c:5571:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szJoin, separator); data/cmor-3.6.0/Src/cmor.c:5578:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szJoin, separator); data/cmor-3.6.0/Src/cmor.c:5581:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szJoin, separator); data/cmor-3.6.0/Src/cmor.c:5585:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szInternalAtt, GLOBAL_INTERNAL); data/cmor-3.6.0/Src/cmor.c:5591:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szJoin, separator); data/cmor-3.6.0/Src/cmor.c:5598:25: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szJoin, separator); data/cmor-3.6.0/Src/cmor.c:5638:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szVersion, szDate); data/cmor-3.6.0/Src/cmor.c:5789:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szValue, szVariant); data/cmor-3.6.0/Src/cmor.c:6209:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "%s.copy", outname); data/cmor-3.6.0/Src/cmor_CV.c:31:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(CV->key, szKey); data/cmor-3.6.0/Src/cmor_CV.c:86:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(CV->aszValue[k], json_object_get_string(joItem)); data/cmor-3.6.0/Src/cmor_CV.c:91:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(CV->szValue, json_object_get_string(joValue)); data/cmor-3.6.0/Src/cmor_CV.c:391:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(copyURL, szFurtherInfoURLTemplate); data/cmor-3.6.0/Src/cmor_CV.c:395:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(copyURL, szFurtherInfoURLTemplate); data/cmor-3.6.0/Src/cmor_CV.c:480:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szAddSourceType, CV_exp_attr->aszValue[j]); data/cmor-3.6.0/Src/cmor_CV.c:482:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szAddSourceTypeCpy, CV_exp_attr->aszValue[j]); data/cmor-3.6.0/Src/cmor_CV.c:490:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szReqSourceType, CV_exp_attr->aszValue[j]); data/cmor-3.6.0/Src/cmor_CV.c:492:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szReqSourceTypeCpy, CV_exp_attr->aszValue[j]); data/cmor-3.6.0/Src/cmor_CV.c:974:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szValue, szVariant); data/cmor-3.6.0/Src/cmor_CV.c:1416:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szExpValue, CV_experiment_attr->szValue); data/cmor-3.6.0/Src/cmor_CV.c:1443:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szExpValue, CV_experiment_attr->aszValue[0]); data/cmor-3.6.0/Src/cmor_CV.c:1467:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szExpValue, CV_experiment_attr->szValue); data/cmor-3.6.0/Src/cmor_CV.c:2015:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szValids, szOutput); data/cmor-3.6.0/Src/cmor_axes.c:210:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, &inunits[iui]); data/cmor-3.6.0/Src/cmor_axes.c:376:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, cmor_axes[id].attributes_values_char[index]); data/cmor-3.6.0/Src/cmor_axes.c:532:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_axes.c:628:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_axes.c:641:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_axes.c:660:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_axes.c:769:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_axes.c:916:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(local_unit, units); data/cmor-3.6.0/Src/cmor_axes.c:932:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(local_unit, units); data/cmor-3.6.0/Src/cmor_axes.c:934:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(local_unit, refaxis->units); data/cmor-3.6.0/Src/cmor_axes.c:1442:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctmp, refaxis->units); data/cmor-3.6.0/Src/cmor_axes.c:1683:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctmp, refaxis.units); data/cmor-3.6.0/Src/cmor_axes.c:1941:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmor_axes[cmor_naxes].id, refaxis.out_name); data/cmor-3.6.0/Src/cmor_axes.c:2107:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmor_axes[cmor_naxes].id, refaxis.out_name); data/cmor-3.6.0/Src/cmor_axes.c:2193:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->required, att); data/cmor-3.6.0/Src/cmor_axes.c:2197:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->id, val); data/cmor-3.6.0/Src/cmor_axes.c:2207:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->out_name, val); data/cmor-3.6.0/Src/cmor_axes.c:2211:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->standard_name, val); data/cmor-3.6.0/Src/cmor_axes.c:2215:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->long_name, val); data/cmor-3.6.0/Src/cmor_axes.c:2219:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->convert_to, val); data/cmor-3.6.0/Src/cmor_axes.c:2223:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->formula, val); data/cmor-3.6.0/Src/cmor_axes.c:2227:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->z_factors, val); data/cmor-3.6.0/Src/cmor_axes.c:2231:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->z_bounds_factors, val); data/cmor-3.6.0/Src/cmor_axes.c:2501:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(axis->crequested, val); data/cmor-3.6.0/Src/cmor_grids.c:448:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(att[j], data/cmor-3.6.0/Src/cmor_grids.c:725:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_grids.c:791:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "your defining a vertices dependent " data/cmor-3.6.0/Src/cmor_tables.c:54:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(out, sym->value); data/cmor-3.6.0/Src/cmor_tables.c:156:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szValue, json_object_get_string(value)); data/cmor-3.6.0/Src/cmor_tables.c:211:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szValue, json_object_get_string(value)); data/cmor-3.6.0/Src/cmor_tables.c:268:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szValue, json_object_get_string(value)); data/cmor-3.6.0/Src/cmor_tables.c:421:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(table->szTable_id, value2); data/cmor-3.6.0/Src/cmor_tables.c:573:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szControlFilenameJSON, szPath); data/cmor-3.6.0/Src/cmor_tables.c:575:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szControlFilenameJSON, szCV); data/cmor-3.6.0/Src/cmor_tables.c:576:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szAxisEntryFilenameJSON, szPath); data/cmor-3.6.0/Src/cmor_tables.c:578:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szAxisEntryFilenameJSON, szAxisEntryFN); data/cmor-3.6.0/Src/cmor_tables.c:579:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szFormulaVarFilenameJSON, szPath); data/cmor-3.6.0/Src/cmor_tables.c:581:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szFormulaVarFilenameJSON, szFormulaVarFN); data/cmor-3.6.0/Src/cmor_tables.c:589:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szControlFilenameJSON, cmor_input_path); data/cmor-3.6.0/Src/cmor_tables.c:591:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szControlFilenameJSON, szCV); data/cmor-3.6.0/Src/cmor_tables.c:592:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szAxisEntryFilenameJSON, szPath); data/cmor-3.6.0/Src/cmor_tables.c:594:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szAxisEntryFilenameJSON, szAxisEntryFN); data/cmor-3.6.0/Src/cmor_tables.c:595:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szFormulaVarFilenameJSON, szPath); data/cmor-3.6.0/Src/cmor_tables.c:597:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(szFormulaVarFilenameJSON, szFormulaVarFN); data/cmor-3.6.0/Src/cmor_tables.c:614:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmor_tables[cmor_ntables].path, szTable); data/cmor-3.6.0/Src/cmor_tables.c:780:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szVal, json_object_get_string(value)); data/cmor-3.6.0/Src/cmor_tables.c:795:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szVal, json_object_get_string(globalAttr)); data/cmor-3.6.0/Src/cmor_tables.c:813:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szVal, json_object_get_string(experiment)); data/cmor-3.6.0/Src/cmor_tables.c:911:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szLastMapID, psCurrCmorTable->mappings[nMap].id); data/cmor-3.6.0/Src/cmor_tables.c:912:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(szCurrMapID, psCurrCmorTable->mappings[n].id); data/cmor-3.6.0/Src/cmor_tables.c:938:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(param, json_object_get_string(mappar)); data/cmor-3.6.0/Src/cmor_variables.c:413:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comment, COMMENT_VARIABLE_ZFACTOR); data/cmor-3.6.0/Src/cmor_variables.c:1120:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmor_vars[vrid].frequency, refvar.frequency); data/cmor-3.6.0/Src/cmor_variables.c:1151:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmor_vars[vrid].chunking_dimensions, refvar.chunking_dimensions); data/cmor-3.6.0/Src/cmor_variables.c:1381:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_variables.c:1402:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_variables.c:1413:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_variables.c:1634:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(msg, data/cmor-3.6.0/Src/cmor_variables.c:2090:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_variables.c:2100:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_variables.c:2114:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_variables.c:2121:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/cmor-3.6.0/Src/cmor_variables.c:2177:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(chunk_dimensions, cmor_vars[var_id].chunking_dimensions); data/cmor-3.6.0/Src/cmor_variables.c:2735:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, CMOR_MAX_STRING, msg_min, n_lower_min); data/cmor-3.6.0/Src/cmor_variables.c:2741:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(msg, CMOR_MAX_STRING, msg_max, n_greater_max); data/cmor-3.6.0/Src/_cmormodule.c:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/_cmormodule.c:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/_cmormodule.c:738:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nms[CMOR_MAX_GRID_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/Src/_cmormodule.c:739:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CMOR_MAX_GRID_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/Src/_cmormodule.c:887:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/_controlvocabulary.c:226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/_controlvocabulary.c:314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attribute_name[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/_controlvocabulary.c:382:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cdTime/cdRegTrfm.c:77:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ngeom->stor_dsc,"+x in +y"); data/cmor-3.6.0/Src/cdTime/cdRegTrfm.c:79:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ngeom->stor_dsc,"+x in -y"); data/cmor-3.6.0/Src/cdTime/cdRegTrfm.c:82:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ngeom->stor_dsc,"+y in +x"); data/cmor-3.6.0/Src/cdTime/cdRegTrfm.c:84:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ngeom->stor_dsc,"-y in +x"); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char charunits[CD_MAX_RELUNITS]; data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basetime_1[CD_MAX_CHARTIME]; data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basetime_2[CD_MAX_CHARTIME]; data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basetime[CD_MAX_CHARTIME]; data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char charunits[CD_MAX_TIME_DELTA]; data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:369:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(time,"%ld-%hd-%hd %d:%d:%lf",comptime.year,comptime.month,comptime.day,ihr,imin,sec); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:371:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(time,"%ld-%hd-%hd %d:%d",comptime.year,comptime.month,comptime.day,ihr,imin); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:373:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(time,"%ld-%hd-%hd %d:0",comptime.year,comptime.month,comptime.day,ihr); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:377:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(time,"%hd-%hd %d:%d:%lf",comptime.month,comptime.day,ihr,imin,sec); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:379:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(time,"%hd-%hd %d:%d",comptime.month,comptime.day,ihr,imin); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:381:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(time,"%hd-%hd %d:0",comptime.month,comptime.day,ihr); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:619:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char charunits[CD_MAX_ABSUNITS]; data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:620:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[CD_MAX_ABSUNITS]; data/cmor-3.6.0/Src/cdTime/timeConv.c:338:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctime,"%ld/%hd/%hd %d:%d:%.1f",htime->year,htime->month, data/cmor-3.6.0/Src/cdTime/timeConv.c:342:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctime,"%ld+%ld/%hd/%hd %d:%d:%.1f",htime->baseYear, data/cmor-3.6.0/Src/cdTime/timeConv.c:346:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctime,"%hd/%hd %d:%d:%.1f",htime->month,htime->day, data/cmor-3.6.0/Src/cmor.c:70:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char CMOR_VALID_CALENDARS[CMOR_N_VALID_CALS][CMOR_MAX_STRING] = data/cmor-3.6.0/Src/cmor.c:113:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmor_input_path[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:114:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmor_traceback_info[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[PATH_MAX]; data/cmor-3.6.0/Src/cmor.c:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:253:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char astr[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:321:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTableExptID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:322:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTableShtExptID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:399:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern void cmor_handle_error(char error_msg[CMOR_MAX_STRING], int level); data/cmor-3.6.0/Src/cmor.c:418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:435:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:453:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[50]; data/cmor-3.6.0/Src/cmor.c:478:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_unit[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:479:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:480:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern void cmor_handle_error(char error_msg[CMOR_MAX_STRING], int level); data/cmor-3.6.0/Src/cmor.c:537:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[50]; data/cmor-3.6.0/Src/cmor.c:562:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void cmor_handle_error(char error_msg[CMOR_MAX_STRING], int level) data/cmor-3.6.0/Src/cmor.c:565:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:653:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void cmor_handle_error_var(char error_msg[CMOR_MAX_STRING], int level, data/cmor-3.6.0/Src/cmor.c:771:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:772:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:773:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmplogfile[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:867:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output_logfile = fopen(tmplogfile, "r"); data/cmor-3.6.0/Src/cmor.c:888:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output_logfile = fopen(tmplogfile, "w"); data/cmor-3.6.0/Src/cmor.c:897:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output_logfile = fopen(tmplogfile, "w"); data/cmor-3.6.0/Src/cmor.c:929:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, data/cmor-3.6.0/Src/cmor.c:1215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFullName[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1227:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). table_file = fopen(szFullName, "r"); data/cmor-3.6.0/Src/cmor.c:1234:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). table_file = fopen(szFullName, "r"); data/cmor-3.6.0/Src/cmor.c:1318:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szVal[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1441:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1483:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1584:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1620:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1653:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1690:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). test_file = fopen(msg, "w"); data/cmor-3.6.0/Src/cmor.c:1751:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char values[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1752:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1753:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1823:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char **)*target)[j] = (char *)malloc(13 * sizeof(char)); data/cmor-3.6.0/Src/cmor.c:1824:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strncpy(((char **)*target)[j], msg2, 12); data/cmor-3.6.0/Src/cmor.c:1855:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char **)*target)[j] = (char *)malloc(13 * sizeof(char)); data/cmor-3.6.0/Src/cmor.c:1856:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strncpy(((char **)*target)[j], msg2, 12); data/cmor-3.6.0/Src/cmor.c:1870:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:1871:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2412:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2472:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2497:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/cmor-3.6.0/Src/cmor.c:2501:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_from = open(from, O_RDONLY); data/cmor-3.6.0/Src/cmor.c:2505:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_to = open(to, O_WRONLY | O_CREAT | O_EXCL, 0666); data/cmor-3.6.0/Src/cmor.c:2556:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2587:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fperr = fopen(outname, "r"); data/cmor-3.6.0/Src/cmor.c:2604:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fperr = fopen(file_suffix, "r"); data/cmor-3.6.0/Src/cmor.c:2746:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2747:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestamp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2748:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2749:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2750:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char words[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2751:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trimword[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2753:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szHistory[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2754:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTemplate[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:2835:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&ctmp[2 * i], "%02x", cmor_tables[nVarRefTblID].md5[i]); data/cmor-3.6.0/Src/cmor.c:3022:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myuuid_str[37]; // 36 characters + '\0' data/cmor-3.6.0/Src/cmor.c:3105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3348:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3349:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3350:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3351:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp3[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:3557:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctmp, "sector"); data/cmor-3.6.0/Src/cmor.c:3955:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4377:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outname[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4378:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4379:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4380:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4381:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char appending_to[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4399:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szPathTemplate[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outpath[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:4509:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctmp, data/cmor-3.6.0/Src/cmor.c:4559:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outname, "XXXXXX"); data/cmor-3.6.0/Src/cmor.c:4560:16: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). ierr = mkstemp(outname); data/cmor-3.6.0/Src/cmor.c:4565:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "%d", (int)getpid()); data/cmor-3.6.0/Src/cmor.c:4799:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5519:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5520:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_template[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5584:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szInternalAtt[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5628:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szVersion[CMOR_MAX_STRING];; data/cmor-3.6.0/Src/cmor.c:5629:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szDate[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5650:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5658:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5659:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szVariant[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5661:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5805:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5806:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5875:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char frequency[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5876:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char start_string[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:5877:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char end_string[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:6042:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outname[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:6043:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:6045:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:6046:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor.c:6095:37: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctmp2, "%i", data/cmor-3.6.0/Src/cmor.c:6103:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctmp2, "%i", data/cmor-3.6.0/Src/cmor.c:6107:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctmp, "no"); data/cmor-3.6.0/Src/cmor.c:6109:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctmp, "%i", data/cmor-3.6.0/Src/cmor.c:6140:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctmp2, "%i", cmor_vars[var_id].ntimes_written); data/cmor-3.6.0/Src/cmor.c:6141:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ctmp, "%i", data/cmor-3.6.0/Src/cmor.c:6207:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fperr = fopen(outname, "r"); data/cmor-3.6.0/Src/cmor.c:6298:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:296:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CV->szValue, "%d", CV->nValue); data/cmor-3.6.0/Src/cmor_CV.c:304:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CV->szValue, "%lf", CV->dValue); data/cmor-3.6.0/Src/cmor_CV.c:354:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFurtherInfoURLTemplate[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:355:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFurtherInfoURL[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:356:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char copyURL[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:357:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFurtherInfoBaseURL[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:358:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFurtherInfoFileURL[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:360:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:445:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szAddSourceType[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:446:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szReqSourceType[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:447:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szAddSourceTypeCpy[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:448:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szReqSourceTypeCpy[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:450:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSourceType[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:451:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:452:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSource_ID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:606:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSource[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:607:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSubstring[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:611:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:612:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:729:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:730:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:766:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:767:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:816:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szExperiment_ID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:817:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:818:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSubExptID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:819:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:820:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szVariant[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:822:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:997:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:998:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szParentExpValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:999:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szExperiment_ID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1000:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szBranchMethod[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1001:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szBranchTimeInChild[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1002:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szBranchTimeInParent[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1005:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szParentSourceId[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1006:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szParentTimeUnits[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1007:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szParentVariantLabel[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1010:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1011:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1224:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1228:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(template, data/cmor-3.6.0/Src/cmor_CV.c:1264:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1268:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(template, data/cmor-3.6.0/Src/cmor_CV.c:1366:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szExperiment_ID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1367:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1368:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1369:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szExpValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1370:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1504:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outname[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1505:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1506:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1601:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char frequency[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1602:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char start_string[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1603:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char end_string[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1787:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szInstitution_ID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1788:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szInstitution[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1790:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1791:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CMOR_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1792:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1912:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1913:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1914:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1915:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValids[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szOutput[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:1917:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2016:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(szValids, "\" "); data/cmor-3.6.0/Src/cmor_CV.c:2042:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szGridLabel[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2043:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szGridResolution[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2044:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2045:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CV_Filename[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2046:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szCompare[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2269:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szDate[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2310:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_CV.c:2311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sshort[6]; data/cmor-3.6.0/Src/cmor_axes.c:66:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "seconds"); data/cmor-3.6.0/Src/cmor_axes.c:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sshort[6]; data/cmor-3.6.0/Src/cmor_axes.c:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loutunits[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:353:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:459:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:877:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_unit[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:1325:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:1326:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:1327:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:1382:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "seconds"); data/cmor-3.6.0/Src/cmor_axes.c:1628:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:1629:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:1883:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = strlen(&((char *)coord_vals)[i * k]); data/cmor-3.6.0/Src/cmor_axes.c:1900:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. &((char *)coord_vals)[i * k], j); data/cmor-3.6.0/Src/cmor_axes.c:2173:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_set_axis_def_att(cmor_axis_def_t * axis, char att[CMOR_MAX_STRING], data/cmor-3.6.0/Src/cmor_axes.c:2174:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING]) data/cmor-3.6.0/Src/cmor_axes.c:2177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dim[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_axes.c:2178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_cfortran_interface.c:354:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_load_table_cff_(char table[CMOR_MAX_STRING], int *table_id) data/cmor-3.6.0/Src/cmor_cfortran_interface.c:371:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void cmor_handle_error_cff_(char error_msg[CMOR_MAX_STRING], int *level) data/cmor-3.6.0/Src/cmor_grids.c:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:238:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctmp, "degrees_north"); data/cmor-3.6.0/Src/cmor_grids.c:254:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctmp, "degrees_east"); data/cmor-3.6.0/Src/cmor_grids.c:293:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_attribute_in_list(char *name, int n, char (*atts)[CMOR_MAX_STRING]) data/cmor-3.6.0/Src/cmor_grids.c:293:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_attribute_in_list(char *name, int n, char (*atts)[CMOR_MAX_STRING]) data/cmor-3.6.0/Src/cmor_grids.c:308:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_grid_valid_mapping_attribute_names(char *name, int *natt, char (*att) data/cmor-3.6.0/Src/cmor_grids.c:308:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_grid_valid_mapping_attribute_names(char *name, int *natt, char (*att) data/cmor-3.6.0/Src/cmor_grids.c:310:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char (*dims) data/cmor-3.6.0/Src/cmor_grids.c:320:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "standard_parallel"); data/cmor-3.6.0/Src/cmor_grids.c:321:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "longitude_of_central_meridian"); data/cmor-3.6.0/Src/cmor_grids.c:322:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:323:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:324:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:326:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:327:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:330:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "longitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:331:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:332:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:333:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:335:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:336:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:339:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "longitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:340:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:341:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:342:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:344:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:345:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:348:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "standard_parallel"); data/cmor-3.6.0/Src/cmor_grids.c:349:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "longitude_of_central_meridian"); data/cmor-3.6.0/Src/cmor_grids.c:350:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:351:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:352:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:354:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:355:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:358:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "standard_parallel"); data/cmor-3.6.0/Src/cmor_grids.c:359:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "longitude_of_central_meridian"); data/cmor-3.6.0/Src/cmor_grids.c:360:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "scale_factor_at_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:361:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:362:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:364:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:365:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:371:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "standard_parallel"); data/cmor-3.6.0/Src/cmor_grids.c:372:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "longitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:373:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "scale_factor_at_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:374:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:375:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:377:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:378:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:381:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "longitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:382:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:383:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "scale_factor_at_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:384:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:385:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:387:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:388:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:391:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "straight_vertical_longitude_from_pole"); data/cmor-3.6.0/Src/cmor_grids.c:392:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:393:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "standard_parallel"); data/cmor-3.6.0/Src/cmor_grids.c:394:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "scale_factor_at_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:395:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:396:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[5], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:398:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:399:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:402:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "grid_north_pole_latitude"); data/cmor-3.6.0/Src/cmor_grids.c:403:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "grid_north_pole_longitude"); data/cmor-3.6.0/Src/cmor_grids.c:404:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "north_pole_grid_longitude"); data/cmor-3.6.0/Src/cmor_grids.c:406:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "grid_latitude"); data/cmor-3.6.0/Src/cmor_grids.c:407:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "grid_longitude"); data/cmor-3.6.0/Src/cmor_grids.c:410:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "longitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:411:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:412:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "scale_factor_at_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:413:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:414:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:416:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:417:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:420:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "scale_factor_at_central_meridian"); data/cmor-3.6.0/Src/cmor_grids.c:421:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "longitude_of_central_meridian"); data/cmor-3.6.0/Src/cmor_grids.c:422:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:423:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:424:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:426:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:427:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:430:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[0], "longitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:431:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[1], "latitude_of_projection_origin"); data/cmor-3.6.0/Src/cmor_grids.c:432:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[2], "perspective_height_point"); data/cmor-3.6.0/Src/cmor_grids.c:433:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[3], "false_easting"); data/cmor-3.6.0/Src/cmor_grids.c:434:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[4], "false_northing"); data/cmor-3.6.0/Src/cmor_grids.c:436:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[0], "projection_y_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:437:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dims[1], "projection_x_coordinate"); data/cmor-3.6.0/Src/cmor_grids.c:455:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[*natt + 0], "earth_radius"); data/cmor-3.6.0/Src/cmor_grids.c:456:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[*natt + 1], "inverse_flattening"); data/cmor-3.6.0/Src/cmor_grids.c:457:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[*natt + 2], "longitude_of_prime_meridian"); data/cmor-3.6.0/Src/cmor_grids.c:458:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[*natt + 3], "perspective_point_height"); data/cmor-3.6.0/Src/cmor_grids.c:459:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[*natt + 4], "semi_major_axis"); data/cmor-3.6.0/Src/cmor_grids.c:460:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att[*natt + 5], "semi_minor_axis"); data/cmor-3.6.0/Src/cmor_grids.c:467:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att[CMOR_MAX_STRING], data/cmor-3.6.0/Src/cmor_grids.c:468:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING]) data/cmor-3.6.0/Src/cmor_grids.c:471:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:513:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_set_grid_mapping(int gid, char *name, int nparam, data/cmor-3.6.0/Src/cmor_grids.c:514:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *attributes_names, int lparams, data/cmor-3.6.0/Src/cmor_grids.c:522:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lattributes_names[CMOR_MAX_GRID_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:523:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lunits[CMOR_MAX_GRID_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:524:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grid_attributes[CMOR_MAX_GRID_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:525:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:526:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:527:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grid_dimensions[CMOR_MAX_DIMENSIONS][CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:673:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_grids.c:689:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "not found"); data/cmor-3.6.0/Src/cmor_grids.c:854:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "unknown coord type: %i", ctype); data/cmor-3.6.0/Src/cmor_grids.c:875:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_md5.c:109:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, len); data/cmor-3.6.0/Src/cmor_md5.c:112:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, t); data/cmor-3.6.0/Src/cmor_md5.c:121:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->in, buf, 64); data/cmor-3.6.0/Src/cmor_md5.c:129:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->in, buf, len); data/cmor-3.6.0/Src/cmor_md5.c:136:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void cvs_MD5Final(unsigned char digest[16], struct cvs_MD5Context *ctx) data/cmor-3.6.0/Src/cmor_md5.c:196:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void cvs_MD5Transform(cvs_uint32 buf[4], const unsigned char inraw[64]) data/cmor-3.6.0/Src/cmor_md5.c:289:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void cmor_md5(FILE * inputfile, unsigned char checksum[16]) data/cmor-3.6.0/Src/cmor_tables.c:85:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(table->realm, "REALM"); data/cmor-3.6.0/Src/cmor_tables.c:93:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(table->product, "model_output"); data/cmor-3.6.0/Src/cmor_tables.c:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:225:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING * 20]; data/cmor-3.6.0/Src/cmor_tables.c:226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:278:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_set_experiments(cmor_table_t * table, char att[CMOR_MAX_STRING], data/cmor-3.6.0/Src/cmor_tables.c:279:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING]) data/cmor-3.6.0/Src/cmor_tables.c:282:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szError[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:313:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_set_dataset_att(cmor_table_t * table, char att[CMOR_MAX_STRING], data/cmor-3.6.0/Src/cmor_tables.c:314:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING]) data/cmor-3.6.0/Src/cmor_tables.c:318:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:319:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:517:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:538:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_load_table(char szTable[CMOR_MAX_STRING], int *table_id) data/cmor-3.6.0/Src/cmor_tables.c:543:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szControlFilenameJSON[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:544:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szAxisEntryFilenameJSON[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFormulaVarFilenameJSON[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szCV[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:547:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szAxisEntryFN[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:548:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFormulaVarFN[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:549:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:658:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_search_table(char szTable[CMOR_MAX_STRING], int *table_id) data/cmor-3.6.0/Src/cmor_tables.c:677:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_load_table_internal(char szTable[CMOR_MAX_STRING], int *table_id) data/cmor-3.6.0/Src/cmor_tables.c:680:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char word[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:684:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char cmor_input_path[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:685:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:686:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szVal[1024000]; data/cmor-3.6.0/Src/cmor_tables.c:694:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). table_file = fopen(szTable, "r"); data/cmor-3.6.0/Src/cmor_tables.c:698:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). table_file = fopen(word, "r"); data/cmor-3.6.0/Src/cmor_tables.c:703:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). table_file = fopen(word, "r"); data/cmor-3.6.0/Src/cmor_tables.c:900:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szLastMapID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:901:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szCurrMapID[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_tables.c:936:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:22:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char astr[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char astr[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:302:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:360:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:402:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_unit[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:408:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:981:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:982:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:983:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:1015:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:1040:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:1041:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctmp[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:1206:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szActivity[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:1912:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int cmor_set_var_def_att(cmor_var_def_t * var, char att[CMOR_MAX_STRING], data/cmor-3.6.0/Src/cmor_variables.c:1913:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING]) data/cmor-3.6.0/Src/cmor_variables.c:1916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dim[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:1917:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2085:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). var->shuffle = atoi(val); data/cmor-3.6.0/Src/cmor_variables.c:2087:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(val) != 0) { data/cmor-3.6.0/Src/cmor_variables.c:2110:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). var->deflate = atoi(val); data/cmor-3.6.0/Src/cmor_variables.c:2112:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(val) != 0) { data/cmor-3.6.0/Src/cmor_variables.c:2129:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). var->deflate_level = atoi(val); data/cmor-3.6.0/Src/cmor_variables.c:2167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chunk_dimensions[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2187:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nChunks[n] = atoi(token); data/cmor-3.6.0/Src/cmor_variables.c:2254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2353:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2354:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg2[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2358:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_unit[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_min[CMOR_MAX_STRING]; data/cmor-3.6.0/Src/cmor_variables.c:2362:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_max[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/ipcc_test_code.c:114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char varin3d[n3d][6] = { "CLOUD", "U", "T" }; data/cmor-3.6.0/Test/ipcc_test_code.c:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units3d[n3d][6] = { "%", "m s-1", "K" }; data/cmor-3.6.0/Test/ipcc_test_code.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry3d[n3d][3] = { "cl", "ua", "ta" }; data/cmor-3.6.0/Test/ipcc_test_code.c:123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char varin2d[n2d][9] = { "LATENT", "TSURF", "SOIL_WET", "PSURF" }; data/cmor-3.6.0/Test/ipcc_test_code.c:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units2d[n2d][7] = { "W m-2", "K", "kg m-2", "Pa" }; data/cmor-3.6.0/Test/ipcc_test_code.c:128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char positive2d[n2d][4] = { "down", " ", " ", " " }; data/cmor-3.6.0/Test/ipcc_test_code.c:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry2d[n2d][6] = { "hfls", "tas", "mrsos", "ps" }; data/cmor-3.6.0/Test/ipcc_test_code.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/ipcc_test_code.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/ipcc_test_code.c:174:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char interval[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/ipcc_test_code.c:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char anames[25][CMOR_MAX_STRING]; data/cmor-3.6.0/Test/ipcc_test_code.c:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regions[5][23] = data/cmor-3.6.0/Test/ipcc_test_code.c:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[555]; data/cmor-3.6.0/Test/ipcc_test_code.c:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c1[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/ipcc_test_code.c:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c2[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/ipcc_test_code.c:217:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c1, "GICCM1(2002)\0"); data/cmor-3.6.0/Test/ipcc_test_code.c:218:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c2, "Nat\0"); data/cmor-3.6.0/Test/ipcc_test_code.c:227:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "time"); data/cmor-3.6.0/Test/ipcc_test_code.c:228:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "months since 1980"); data/cmor-3.6.0/Test/ipcc_test_code.c:229:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(interval, "1 month"); data/cmor-3.6.0/Test/ipcc_test_code.c:237:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "latitude"); data/cmor-3.6.0/Test/ipcc_test_code.c:238:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "degrees_north"); data/cmor-3.6.0/Test/ipcc_test_code.c:244:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "longitude"); data/cmor-3.6.0/Test/ipcc_test_code.c:245:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "degrees_east"); data/cmor-3.6.0/Test/ipcc_test_code.c:250:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "plev19"); data/cmor-3.6.0/Test/ipcc_test_code.c:251:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "hPa"); data/cmor-3.6.0/Test/ipcc_test_code.c:287:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "time"); data/cmor-3.6.0/Test/ipcc_test_code.c:288:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "months since 1980"); data/cmor-3.6.0/Test/ipcc_test_code.c:289:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(interval, "1 month"); data/cmor-3.6.0/Test/ipcc_test_code.c:296:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "latitude"); data/cmor-3.6.0/Test/ipcc_test_code.c:297:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "degrees_north"); data/cmor-3.6.0/Test/ipcc_test_code.c:363:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(id, "%i", i); data/cmor-3.6.0/Test/test_cmor_append_associated.c:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_append_associated.c:167:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char returnvalue[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_append_associated_point.c:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_append_associated_point.c:167:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char returnvalue[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_depth_coord_half.c:17:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char returnvalue[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_grid_unstructured_3d_fabi.c:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_grid_unstructured_fabi.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char returnvalue[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char landUse[4][CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_singleton_and_generic.c:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_cmor_singleton_and_generic.c:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char returnvalue[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_grid.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_grid.c:65:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char params[nparam][lparam] = data/cmor-3.6.0/Test/test_grid.c:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char punits[nparam][lunits] = data/cmor-3.6.0/Test/test_lots_of_variables.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char varin3d[n3d][6] = { "CLOUD", "U", "T" }; data/cmor-3.6.0/Test/test_lots_of_variables.c:164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units3d[n3d][6] = { "%", "m s-1", "K" }; data/cmor-3.6.0/Test/test_lots_of_variables.c:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry3d[n3d][3] = { "cl", "ua", "ta" }; data/cmor-3.6.0/Test/test_lots_of_variables.c:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char varin2d[n2d][9] = { "LATENT", "TSURF", "SOIL_WET", "PSURF" }; data/cmor-3.6.0/Test/test_lots_of_variables.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units2d[n2d][7] = { "W m-2", "K", "kg m-2", "Pa" }; data/cmor-3.6.0/Test/test_lots_of_variables.c:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char positive2d[n2d][4] = { "down", " ", " ", " " }; data/cmor-3.6.0/Test/test_lots_of_variables.c:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry2d[n2d][6] = { "hfls", "tas", "mrsos", "ps" }; data/cmor-3.6.0/Test/test_lots_of_variables.c:219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_lots_of_variables.c:220:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_lots_of_variables.c:221:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char interval[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_lots_of_variables.c:222:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char anames[25][CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_lots_of_variables.c:224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regions[5][16] = data/cmor-3.6.0/Test/test_lots_of_variables.c:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[555]; data/cmor-3.6.0/Test/test_lots_of_variables.c:260:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c1[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_lots_of_variables.c:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c2[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_lots_of_variables.c:262:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c1, "GICCM1\0"); data/cmor-3.6.0/Test/test_lots_of_variables.c:263:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c2, "Nat, TO"); data/cmor-3.6.0/Test/test_lots_of_variables.c:270:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "time"); data/cmor-3.6.0/Test/test_lots_of_variables.c:271:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "months since 1980"); data/cmor-3.6.0/Test/test_lots_of_variables.c:272:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(interval, "1 month"); data/cmor-3.6.0/Test/test_lots_of_variables.c:277:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(units, "months since %i", 1900 + i); data/cmor-3.6.0/Test/test_lots_of_variables.c:283:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "latitude"); data/cmor-3.6.0/Test/test_lots_of_variables.c:284:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "degrees_north"); data/cmor-3.6.0/Test/test_lots_of_variables.c:289:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(id, "longitude"); data/cmor-3.6.0/Test/test_lots_of_variables.c:290:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(units, "degrees_east"); data/cmor-3.6.0/Test/test_lots_of_variables.c:303:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(id, "hfls%i", i); data/cmor-3.6.0/Test/test_lots_of_variables.c:315:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(id, "%i", i); data/cmor-3.6.0/Test/test_unit_cat_unique.c:23:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_unit_cat_unique.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_unit_cat_unique.c:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expected[CMOR_MAX_STRING]; data/cmor-3.6.0/Test/test_unit_cat_unique.c:27:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:28:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:38:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:39:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:40:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:48:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "jungle"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:49:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jungle"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:56:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble jungle"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:57:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "umb"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:58:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jungle umb"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:65:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:66:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "rum"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:67:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble rum"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:74:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:75:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "ble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:76:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble ble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:83:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble jungle happy"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:84:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "ppy"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:85:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jungle happy ppy"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:92:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble jungle happy"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:93:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "gle"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:94:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jungle happy gle"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:101:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble jungle happy"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:102:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "jung"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:103:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jungle happy jung"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:109:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble jumble ble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:110:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "ble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:111:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jumble ble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:118:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble jumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:119:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "jumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:120:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:127:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dest, "rumble jumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:128:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(src, "rumble"); data/cmor-3.6.0/Test/test_unit_cat_unique.c:129:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(expected, "rumble jumble"); data/cmor-3.6.0/include/cdTime/cddrsint.h:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source[CU_MAX_NAME]; /* DRS source string */ data/cmor-3.6.0/include/cdTime/cddrsint.h:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CU_MAX_NAME]; /* DRS variable name */ data/cmor-3.6.0/include/cdTime/cddrsint.h:64:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[CU_MAX_NAME]; /* DRS variable title */ data/cmor-3.6.0/include/cdTime/cddrsint.h:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CU_MAX_NAME]; /* DRS variable units */ data/cmor-3.6.0/include/cdTime/cddrsint.h:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[CU_MAX_NAME]; /* DRS date written */ data/cmor-3.6.0/include/cdTime/cddrsint.h:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char time[CU_MAX_NAME]; /* DRS time written */ data/cmor-3.6.0/include/cdTime/cddrsint.h:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[CU_MAX_NAME]; /* type string, e.g., 'R*4' */ data/cmor-3.6.0/include/cdTime/cddrsint.h:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source[CU_MAX_NAME]; /* source string */ data/cmor-3.6.0/include/cdTime/cddrsint.h:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CU_MAX_NAME]; /* DRS dimension name */ data/cmor-3.6.0/include/cdTime/cddrsint.h:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[CU_MAX_NAME]; /* DRS dimension title */ data/cmor-3.6.0/include/cdTime/cddrsint.h:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CU_MAX_NAME]; /* DRS dimension units */ data/cmor-3.6.0/include/cdTime/cdmsint.h:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CD_MAX_NAME]; /* Name (key) */ data/cmor-3.6.0/include/cdTime/cdmsint.h:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CD_MAX_NAME]; /* Attribute name */ data/cmor-3.6.0/include/cdTime/cdmsint.h:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[CD_MAX_PATH]; /* Dataset pathname */ data/cmor-3.6.0/include/cdTime/cdmsint.h:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileTemp[CD_MAX_PATH]; /* File template */ data/cmor-3.6.0/include/cdTime/cdmsint.h:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[CD_MAX_PATH]; /* Database pathname */ data/cmor-3.6.0/include/cdTime/cdmsint.h:142:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CD_MAX_NAME]; /* Parameter name */ data/cmor-3.6.0/include/cdTime/cdmsint.h:143:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char longName[CD_MAX_NAME]; /* Descriptive name */ data/cmor-3.6.0/include/cdTime/cdmsint.h:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CD_MAX_NAME]; /* Standard units */ data/cmor-3.6.0/include/cdTime/cdmsint.h:162:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CD_MAX_NAME]; /* Parameter name (official) */ data/cmor-3.6.0/include/cdTime/cdmsint.h:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alias[CD_MAX_NAME]; /* Name in file */ data/cmor-3.6.0/include/cdTime/cdmsint.h:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aliasTitle[CD_MAX_NAME]; /* Title in file */ data/cmor-3.6.0/include/cdTime/cdmsint.h:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delta[CD_MAX_TIME_DELTA]; /* Delta, for linear rep (datatype is double, long, or chartime) */ data/cmor-3.6.0/include/cdTime/cdmsint.h:175:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileTemp[CD_MAX_PATH]; /* File template */ data/cmor-3.6.0/include/cdTime/cdmsint.h:177:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char initVal[CD_MAX_CHARTIME]; /* Initial value, for linear rep (datatype is double, long, or chartime)*/ data/cmor-3.6.0/include/cdTime/cdmsint.h:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char longName[CD_MAX_NAME]; /* Parameter title */ data/cmor-3.6.0/include/cdTime/cdmsint.h:181:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stat[CD_MAX_NAME]; /* Statistic */ data/cmor-3.6.0/include/cdTime/cdmsint.h:183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CD_MAX_NAME]; /* Units in file */ data/cmor-3.6.0/include/cdTime/cdmsint.h:189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CD_MAX_NAME]; /* Dimension name */ data/cmor-3.6.0/include/cdTime/cdmsint.h:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alias[CD_MAX_NAME]; /* Dimension alias */ data/cmor-3.6.0/include/cdTime/cdmsint.h:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CD_MAX_NAME]; /* Dimension units */ data/cmor-3.6.0/include/cdTime/cdmsint.h:203:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delta[CD_MAX_TIME_DELTA]; /* Delta, for linear rep (datatype is double, long, or chartime) */ data/cmor-3.6.0/include/cdTime/cdmsint.h:204:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char initVal[CD_MAX_CHARTIME]; /* Initial value, for linear rep (datatype is double, long, or chartime) */ data/cmor-3.6.0/include/cdTime/cdmsint.h:211:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CD_MAX_NAME]; /* Grid name */ data/cmor-3.6.0/include/cdTime/cdmsint.h:339:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CU_MAX_PATH]; /* Full dataset pathname */ data/cmor-3.6.0/include/cdTime/cdmsint.h:378:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prjnName[21]; /* projection name */ data/cmor-3.6.0/include/cdTime/cdmsint.h:393:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trnc_type[21]; /* spectral truncation type (triangular/etc) */ data/cmor-3.6.0/include/cdTime/cdmsint.h:412:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[41]; data/cmor-3.6.0/include/cdTime/cdmsint.h:414:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lvlType[41]; data/cmor-3.6.0/include/cdTime/cdmsint.h:415:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remark[121]; data/cmor-3.6.0/include/cdTime/cdmsint.h:416:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[41]; data/cmor-3.6.0/include/cdTime/cdmsint.h:421:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alias[CD_MAX_NAME]; /* name in the file */ data/cmor-3.6.0/include/cdTime/cdmsint.h:431:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CD_MAX_NAME]; /* parameter (official variable) name */ data/cmor-3.6.0/include/cdTime/cdmsint.h:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parmUnits[CD_MAX_NAME]; /* official units */ data/cmor-3.6.0/include/cdTime/cdmsint.h:439:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remark[CD_MAX_NAME]; /* comments */ data/cmor-3.6.0/include/cdTime/cdmsint.h:444:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statistic[CD_MAX_NAME]; /* Statistic identifier */ data/cmor-3.6.0/include/cdTime/cdmsint.h:447:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[CD_MAX_NAME]; /* parameter title */ data/cmor-3.6.0/include/cdTime/cdmsint.h:448:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CD_MAX_NAME]; /* actual units (cf. parmUnits) */ data/cmor-3.6.0/include/cdTime/cdmsint.h:561:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orderSpec[11]); /* Order specification, any permutation such as */ data/cmor-3.6.0/include/cdTime/cdmsint_new.h:59:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pqlkey[L_pql] = { data/cmor-3.6.0/include/cdTime/cdunifint.h:145:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CU_MAX_NAME+1]; /* Attribute name */ data/cmor-3.6.0/include/cdTime/cdunifint.h:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CU_MAX_NAME+1]; /* Dimension name */ data/cmor-3.6.0/include/cdTime/cdunifint.h:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CU_MAX_NAME+1]; /* Dimension units */ data/cmor-3.6.0/include/cdTime/cdunifint.h:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CU_MAX_NAME+1]; /* Variable name */ data/cmor-3.6.0/include/cdTime/cdunifint.h:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char controlpath[CU_MAX_PATH+1]; /* Pathname of control file */ data/cmor-3.6.0/include/cdTime/cdunifint.h:181:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datapath[CU_MAX_PATH+1]; /* Pathname of datafile (e.g., for DRS) */ data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h:288:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char longname[SM_MAX_LEN+1]; data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h:289:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[SM_MAX_LEN+1]; data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h:290:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shortname[SM_MAX_LEN+1]; data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h:291:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stdname[SM_MAX_LEN+1]; data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h:303:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source[SM_MAX_LEN+1]; data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h:380:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CU_MAX_NAME+1]; data/cmor-3.6.0/include/cdTime/cdunifpp/cdunifpp.h:394:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char coords[MAX_ATT_LEN+1]; data/cmor-3.6.0/include/cdTime/cfortran.h:1632:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. #define STRING_cfE static char AA0[1+MAX_LEN_FORTRAN_FUNCTION_STRING]; \ data/cmor-3.6.0/include/cdTime/cfortran.h:1639:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. #define STRING_cfE static char AA0[1+MAX_LEN_FORTRAN_FUNCTION_STRING]; \ data/cmor-3.6.0/include/cdTime/cfortran.h:1646:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. #define STRING_cfE static char A0[1+MAX_LEN_FORTRAN_FUNCTION_STRING]; \ data/cmor-3.6.0/include/cdTime/cfortran.h:2199:42: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ((B=_cf_malloc(D+1))[D]='\0', memcpy(B,A,D), kill_trailing(B,' ')) data/cmor-3.6.0/include/cdTime/cfortran.h:2235:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define RRRRPSTR( A,B,D) if (B) memcpy(A,B, _cfMIN(strlen(B),D)), \ data/cmor-3.6.0/include/cdTime/cfortran.h:2342:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(AS->dsc$a_pointer,A0,_cfMIN(AS->dsc$w_length,(A0==NULL?0:strlen(A0))));\ data/cmor-3.6.0/include/cdTime/cfortran.h:2349:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_fcdtocp(AS),A0, _cfMIN(_fcdlen(AS),(A0==NULL?0:strlen(A0))) ); \ data/cmor-3.6.0/include/cdTime/cfortran.h:2354:28: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define STRING_cfK memcpy(AS,A0, _cfMIN(D0,(A0==NULL?0:strlen(A0))) ); \ data/cmor-3.6.0/include/cdTime/drscdf.h:135:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_SOURCE[IDRS_SOURCELEN]; data/cmor-3.6.0/include/cdTime/drscdf.h:136:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_NAME[IDRS_NAMELEN]; data/cmor-3.6.0/include/cdTime/drscdf.h:137:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_TITLE[IDRS_TITLELEN]; data/cmor-3.6.0/include/cdTime/drscdf.h:138:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_UNITS[IDRS_UNITSLEN]; data/cmor-3.6.0/include/cdTime/drscdf.h:139:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_DATE[IDRS_DATELEN]; data/cmor-3.6.0/include/cdTime/drscdf.h:140:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_TIME[IDRS_TIMELEN]; data/cmor-3.6.0/include/cdTime/drscdf.h:141:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_TYPE[IDRS_TYPELEN]; data/cmor-3.6.0/include/cdTime/drscdf.h:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char DRS_FILENAME[IDRS_FILENAMELEN]; data/cmor-3.6.0/include/cdTime/grads.h:63:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptname[256]; /* parameter file name */ data/cmor-3.6.0/include/cdTime/grads.h:70:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[256]; /* model COMMENT */ data/cmor-3.6.0/include/cdTime/grads.h:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char center[32]; /* data source which is the GRIB PROCESS ! NOT the GRIB CENTER */ data/cmor-3.6.0/include/cdTime/grads.h:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[256]; /* comment on data set which will go into the title of the .ctl file */ data/cmor-3.6.0/include/cdTime/grads.h:73:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oname[256]; /* name of the output file (dset) */ data/cmor-3.6.0/include/cdTime/grads.h:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vertdimname[32]; /* name of the vertial dimension */ data/cmor-3.6.0/include/cdTime/grads.h:88:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gridname[32]; /* name of the vertial dimension */ data/cmor-3.6.0/include/cdTime/grads.h:99:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[32]; /* variable name */ data/cmor-3.6.0/include/cdTime/grads.h:100:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var_comment[256]; /* variable name */ data/cmor-3.6.0/include/cdTime/grads.h:218:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *mpdset[8]; /* Map data set names. */ data/cmor-3.6.0/include/cdTime/grads.h:363:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; /* File name. */ data/cmor-3.6.0/include/cdTime/grads.h:367:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dnam[256]; /* Descriptor file name */ data/cmor-3.6.0/include/cdTime/grads.h:378:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[80]; /* Title -- describes the file. */ data/cmor-3.6.0/include/cdTime/grads.h:578:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[8]; /* Character station id */ data/cmor-3.6.0/include/cdTime/grads.h:589:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stid[8]; data/cmor-3.6.0/include/cdTime/grads.h:600:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stid[8]; /* Station id */ data/cmor-3.6.0/include/cdTime/grads.h:643:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stid[8]; /* Station id to get */ data/cmor-3.6.0/include/cdTime/grads.h:668:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char varnm[128]; /* Variable name. */ data/cmor-3.6.0/include/cdTime/grads.h:670:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abbrv[16]; /* Variable abbreviation. */ data/cmor-3.6.0/include/cdTime/grads.h:716:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argpnt[20]; /* Pointers to the argument strings */ data/cmor-3.6.0/include/cdTime/grads.h:718:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1000]; /* Argument string buffer */ data/cmor-3.6.0/include/cdTime/grads.h:726:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[8]; /* Function name */ data/cmor-3.6.0/include/cdTime/grads.h:743:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char abbrv[20]; /* Abbreviation assigned to this */ data/cmor-3.6.0/include/cdTime/isdb.h:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char band_name[31]; /* name of band */ data/cmor-3.6.0/include/cdTime/isdb.h:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unit_name[31]; /* name of physical units */ data/cmor-3.6.0/include/cdTime/isdb.h:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prjn_name[21]; /* projection name */ data/cmor-3.6.0/include/cdTime/isdb.h:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stor_dsc[21]; /* (+x in +y)/(+x in -y)/(-y in +x)/etc */ data/cmor-3.6.0/include/cdTime/isdb.h:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stor_dsc[21]; /* (+x in +y)/(+x in -y)/(-y in +x)/etc */ data/cmor-3.6.0/include/cdTime/isdb.h:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trnc_type[21]; /* spectral truncation type (triangular/etc) */ data/cmor-3.6.0/include/cdTime/isdb.h:83:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char seq_name[21]; /* orb-elem sequence name */ data/cmor-3.6.0/include/cmor.h:287:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char cmor_input_path[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:289:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char cmor_traceback_info[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:293:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapping[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:295:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes_names[CMOR_MAX_GRID_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:317:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:318:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char standard_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:319:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:322:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char long_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:323:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cname[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:336:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvalue[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:338:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char required[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char formula[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char convert_to[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:341:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char z_factors[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:342:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char z_bounds_factors[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:346:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char generic_level_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:365:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szValue[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:377:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iunits[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:378:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes_values_char[CMOR_MAX_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:389:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes_type[CMOR_MAX_ATTRIBUTES]; /*stores attributes type */ data/cmor-3.6.0/include/cmor.h:390:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes[CMOR_MAX_ATTRIBUTES][CMOR_MAX_STRING]; /*stores attributes names */ data/cmor-3.6.0/include/cmor.h:400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char standard_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:402:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:403:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cell_methods[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cell_measures[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag_values[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:407:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag_meanings[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:408:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char long_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chunking_dimensions[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char required[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:422:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char realm[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:423:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char frequency[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:424:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:425:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char generic_level_name[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:449:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:454:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes_values_char[CMOR_MAX_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:456:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes_type[CMOR_MAX_ATTRIBUTES]; /*stores attributes type */ data/cmor-3.6.0/include/cmor.h:457:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes[CMOR_MAX_ATTRIBUTES][CMOR_MAX_STRING]; /*stores attributes names */ data/cmor-3.6.0/include/cmor.h:468:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chunking_dimensions[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:473:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iunits[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:474:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ounits[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:483:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_path[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:484:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char current_path[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:485:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:487:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char frequency[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:496:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attributes_names[CMOR_MAX_GRID_ATTRIBUTES][CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:497:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char coordinates[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:501:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:515:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mip_era[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:516:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Conventions[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:517:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data_specs_version[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:518:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTable_id[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:519:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expt_ids[CMOR_MAX_ELEMENTS][CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:520:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sht_expt_ids[CMOR_MAX_ELEMENTS][CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:521:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:532:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char URL[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:533:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char product[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char realm[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:535:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:538:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md5[16]; data/cmor-3.6.0/include/cmor.h:539:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char generic_levels[CMOR_MAX_ELEMENTS][CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:547:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char names[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:548:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char values[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:552:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outpath[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:553:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conventions[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:555:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char activity_id[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:556:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tracking_prefix[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor.h:566:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char associated_file_name[CMOR_MAX_STRING]; /*associated file path */ data/cmor-3.6.0/include/cmor.h:567:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tracking_id[CMOR_MAX_STRING]; /*associated tracking id */ data/cmor-3.6.0/include/cmor.h:568:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_template[CMOR_MAX_STRING]; /* <keys> for each directory */ data/cmor-3.6.0/include/cmor.h:569:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_template[CMOR_MAX_STRING]; /* <keys> for filename */ data/cmor-3.6.0/include/cmor.h:570:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char furtherinfourl[CMOR_MAX_STRING]; /* further URL INFO template */ data/cmor-3.6.0/include/cmor.h:571:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char finalfilename[CMOR_MAX_STRING]; /* Final output file */ data/cmor-3.6.0/include/cmor.h:572:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char history_template[CMOR_MAX_STRING]; data/cmor-3.6.0/include/cmor_func_def.h:13:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern void cmor_md5( FILE * inputfile, unsigned char checksum[16] ); data/cmor-3.6.0/include/cmor_func_def.h:29:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern void cmor_handle_error( char error_msg[CMOR_MAX_STRING], data/cmor-3.6.0/include/cmor_func_def.h:31:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern void cmor_handle_error_var( char error_msg[CMOR_MAX_STRING], int level, data/cmor-3.6.0/include/cmor_func_def.h:161:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att[CMOR_MAX_STRING], data/cmor-3.6.0/include/cmor_func_def.h:162:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING] ); data/cmor-3.6.0/include/cmor_func_def.h:230:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att[CMOR_MAX_STRING], data/cmor-3.6.0/include/cmor_func_def.h:231:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING] ); data/cmor-3.6.0/include/cmor_func_def.h:244:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att[CMOR_MAX_STRING], data/cmor-3.6.0/include/cmor_func_def.h:245:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING] ); data/cmor-3.6.0/include/cmor_func_def.h:254:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int cmor_attribute_in_list( char *name, int n, data/cmor-3.6.0/include/cmor_func_def.h:255:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ( *atts )[CMOR_MAX_STRING] ); data/cmor-3.6.0/include/cmor_func_def.h:256:53: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int cmor_grid_valid_mapping_attribute_names( char *name, int *natt, data/cmor-3.6.0/include/cmor_func_def.h:257:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ( *att ) data/cmor-3.6.0/include/cmor_func_def.h:260:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ( *dims ) data/cmor-3.6.0/include/cmor_func_def.h:262:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int cmor_set_grid_mapping( int gid, char *name, int nparam, data/cmor-3.6.0/include/cmor_func_def.h:263:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *attributes_names, int lparams, data/cmor-3.6.0/include/cmor_func_def.h:272:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att[CMOR_MAX_STRING], data/cmor-3.6.0/include/cmor_func_def.h:273:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[CMOR_MAX_STRING] ); data/cmor-3.6.0/include/cmor_func_def.h:291:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int cmor_load_table( char table[CMOR_MAX_STRING], int *table_id ); data/cmor-3.6.0/include/cmor_func_def.h:292:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int cmor_load_table_internal( char table[CMOR_MAX_STRING], data/cmor-3.6.0/include/cmor_func_def.h:294:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int cmor_search_table( char szTable[CMOR_MAX_STRING], data/cmor-3.6.0/include/cmor_md5.h:18:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char in[64]; data/cmor-3.6.0/include/cmor_md5.h:24:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void cvs_MD5Final PROTO( ( unsigned char digest[16], data/cmor-3.6.0/include/cmor_md5.h:27:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. PROTO( ( cvs_uint32 buf[4], const unsigned char in[64] ) ); data/cmor-3.6.0/Src/_cmormodule.c:503:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&tmpstr[ierr * (cell_bounds_ndim + 1)], data/cmor-3.6.0/Src/cdTime/cdRegTrfm.c:51:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ngeom->prjn_name,geom->prjnName,21); data/cmor-3.6.0/Src/cdTime/cdTimeConv.c:179:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(basetime,"1"); data/cmor-3.6.0/Src/cmor.c:157:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(tmp); data/cmor-3.6.0/Src/cmor.c:199:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((pstr[strlen(src)] == ' ') || data/cmor-3.6.0/Src/cmor.c:200:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (pstr[strlen(src)] == 0) || (pstr[strlen(src)] == '.')) { data/cmor-3.6.0/Src/cmor.c:200:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (pstr[strlen(src)] == 0) || (pstr[strlen(src)] == '.')) { data/cmor-3.6.0/Src/cmor.c:232:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((offset = strlen(dest))) { data/cmor-3.6.0/Src/cmor.c:233:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(dest + offset, " "); data/cmor-3.6.0/Src/cmor.c:236:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(dest + offset, src, spare_space); data/cmor-3.6.0/Src/cmor.c:238:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest, src, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:264:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(astr); i++) { data/cmor-3.6.0/Src/cmor.c:292:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:292:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:293:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, cmor_tables[table_id].forcings[j], data/cmor-3.6.0/Src/cmor.c:294:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:295:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg, ",", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:295:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, ",", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:297:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msg[strlen(msg) - 1] = '\0'; data/cmor-3.6.0/Src/cmor.c:328:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szTableExptID, data/cmor-3.6.0/Src/cmor.c:331:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szTableShtExptID, data/cmor-3.6.0/Src/cmor.c:341:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szExptID, szTableShtExptID, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:361:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(in); data/cmor-3.6.0/Src/cmor.c:420:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cmor_traceback_info) == 0) { data/cmor-3.6.0/Src/cmor.c:424:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_traceback_info, tmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:437:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmp, ""); data/cmor-3.6.0/Src/cmor.c:438:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(cmor_traceback_info); i++) { data/cmor-3.6.0/Src/cmor.c:457:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(version, nc_inq_libvers(), 50); data/cmor-3.6.0/Src/cmor.c:493:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, uunits, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:541:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(version, nc_inq_libvers(), 50); data/cmor-3.6.0/Src/cmor.c:795:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_traceback_info, ""); data/cmor-3.6.0/Src/cmor.c:937:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy(cmor_input_path, ".", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1166:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy(cmor_current_dataset.associated_file_name, "", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1167:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy(cmor_current_dataset.finalfilename, "", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1174:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy(cmor_grids[i].mapping, "", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1445:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(value); data/cmor-3.6.0/Src/cmor.c:1491:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(name) > CMOR_MAX_STRING) { data/cmor-3.6.0/Src/cmor.c:1495:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name, (int)strlen(name), CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1511:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_current_dataset.attributes[i].values, ""); data/cmor-3.6.0/Src/cmor.c:1568:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_current_dataset.attributes[n].names, msg, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1589:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > CMOR_MAX_STRING) { data/cmor-3.6.0/Src/cmor.c:1609:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, cmor_current_dataset.attributes[n].values, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1625:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(name) > CMOR_MAX_STRING) { data/cmor-3.6.0/Src/cmor.c:1629:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name, (int)strlen(name), CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:1763:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(values); i++) { data/cmor-3.6.0/Src/cmor.c:1804:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(values); i++) { data/cmor-3.6.0/Src/cmor.c:1824:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(((char **)*target)[j], msg2, 12); data/cmor-3.6.0/Src/cmor.c:1856:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(((char **)*target)[j], msg2, 12); data/cmor-3.6.0/Src/cmor.c:1883:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(formula_terms); data/cmor-3.6.0/Src/cmor.c:2509:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (nread = read(fd_from, buf, sizeof buf), nread > 0) { data/cmor-3.6.0/Src/cmor.c:2690:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(ctmp, "climatology_bnds", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:2692:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(ctmp, "time_bnds", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:2779:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ctmp2, cmor_tables[nVarRefTblID].product, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:2941:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(words, ctmp + m[i].rm_so, numchar); data/cmor-3.6.0/Src/cmor.c:2949:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (strlen(trimword) != strlen(ctmp))) { data/cmor-3.6.0/Src/cmor.c:2949:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (strlen(trimword) != strlen(ctmp))) { data/cmor-3.6.0/Src/cmor.c:2954:25: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(ctmp2, trimword, numchar); data/cmor-3.6.0/Src/cmor.c:2956:25: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(ctmp2, " "); data/cmor-3.6.0/Src/cmor.c:2957:25: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(ctmp2, trimword, numchar); data/cmor-3.6.0/Src/cmor.c:3008:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ctmp, ctmp2, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:3058:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(msg) + 1, msg); data/cmor-3.6.0/Src/cmor.c:3074:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(msg) + 1, msg); data/cmor-3.6.0/Src/cmor.c:3122:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_current_dataset.tracking_id, value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:3123:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmor_current_dataset.tracking_id, "/"); data/cmor-3.6.0/Src/cmor.c:3126:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_current_dataset.tracking_id, myuuid_str, data/cmor-3.6.0/Src/cmor.c:3243:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). itmp2 = strlen(cmor_current_dataset.attributes[i].values); data/cmor-3.6.0/Src/cmor.c:3246:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(cmor_current_dataset.attributes[i].values); data/cmor-3.6.0/Src/cmor.c:3303:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). itmp2 = strlen(value); data/cmor-3.6.0/Src/cmor.c:3425:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, cmor_axes[nAxisID].cvalues[j], CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:3426:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(msg); data/cmor-3.6.0/Src/cmor.c:3442:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(cmor_tables[cmor_axes[j].ref_table_id].axes data/cmor-3.6.0/Src/cmor.c:3563:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(msg) >= strlen(ctmp)) { data/cmor-3.6.0/Src/cmor.c:3563:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(msg) >= strlen(ctmp)) { data/cmor-3.6.0/Src/cmor.c:3564:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < strlen(msg) - strlen(ctmp) + 1; j++) { data/cmor-3.6.0/Src/cmor.c:3564:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < strlen(msg) - strlen(ctmp) + 1; j++) { data/cmor-3.6.0/Src/cmor.c:3565:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(ctmp, &msg[j], strlen(ctmp)) == 0) { data/cmor-3.6.0/Src/cmor.c:3573:21: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:3573:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:3574:21: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, ctmp, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:3574:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, ctmp, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:3577:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, ctmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:3653:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ctmp, pAxis->id, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:3654:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(ctmp, "_bnds", CMOR_MAX_STRING - strlen(ctmp)); data/cmor-3.6.0/Src/cmor.c:3654:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(ctmp, "_bnds", CMOR_MAX_STRING - strlen(ctmp)); data/cmor-3.6.0/Src/cmor.c:3665:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(ctmp, "climatology_bnds", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:3729:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ierr = nc_put_att_text(ncafid, nc_vars[i], msg, strlen(ctmp) + 1, data/cmor-3.6.0/Src/cmor.c:3753:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, data/cmor-3.6.0/Src/cmor.c:3756:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(msg) + 1; data/cmor-3.6.0/Src/cmor.c:3797:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(msg) + 1; data/cmor-3.6.0/Src/cmor.c:3802:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(msg); data/cmor-3.6.0/Src/cmor.c:3807:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(msg) + 1; data/cmor-3.6.0/Src/cmor.c:3811:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, data/cmor-3.6.0/Src/cmor.c:3814:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(msg) + 1; data/cmor-3.6.0/Src/cmor.c:3827:21: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(msg, ""); data/cmor-3.6.0/Src/cmor.c:3829:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ctmp, cmor_axes[cmor_vars[var_id].axes_ids[i]].id, data/cmor-3.6.0/Src/cmor.c:3831:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(ctmp, ":", CMOR_MAX_STRING - strlen(ctmp)); data/cmor-3.6.0/Src/cmor.c:3831:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(ctmp, ":", CMOR_MAX_STRING - strlen(ctmp)); data/cmor-3.6.0/Src/cmor.c:3832:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). icd = strlen(ctmp); data/cmor-3.6.0/Src/cmor.c:3833:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). itmpmsg = strlen(msg); data/cmor-3.6.0/Src/cmor.c:3840:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). itmp2 = strlen(ctmp); data/cmor-3.6.0/Src/cmor.c:3850:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). icd = strlen(ctmp2); data/cmor-3.6.0/Src/cmor.c:3861:29: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(ctmp2, " (interval: ", data/cmor-3.6.0/Src/cmor.c:3862:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(ctmp2)); data/cmor-3.6.0/Src/cmor.c:3863:29: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(ctmp2, ctmp, data/cmor-3.6.0/Src/cmor.c:3864:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(ctmp2)); data/cmor-3.6.0/Src/cmor.c:3865:29: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(ctmp2, ")", data/cmor-3.6.0/Src/cmor.c:3866:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(ctmp2)); data/cmor-3.6.0/Src/cmor.c:3869:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ierr = strlen(ctmp2) - icd; data/cmor-3.6.0/Src/cmor.c:3870:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). itmp3 = strlen(msg); data/cmor-3.6.0/Src/cmor.c:4084:29: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, data/cmor-3.6.0/Src/cmor.c:4088:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor.c:4277:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(cmor_tables[cmor_axes[j].ref_table_id].axes data/cmor-3.6.0/Src/cmor.c:4406:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(appending_to, ""); /* initialize to nothing */ data/cmor-3.6.0/Src/cmor.c:4407:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outname, ""); data/cmor-3.6.0/Src/cmor.c:4408:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ctmp, ""); data/cmor-3.6.0/Src/cmor.c:4409:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(msg, ""); data/cmor-3.6.0/Src/cmor.c:4410:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ctmp2, ""); data/cmor-3.6.0/Src/cmor.c:4411:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outpath, ""); data/cmor-3.6.0/Src/cmor.c:4485:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szPathTemplate, cmor_current_dataset.path_template, data/cmor-3.6.0/Src/cmor.c:4495:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(outname) > 0) && (outname[strlen(outname)] != '/')) { data/cmor-3.6.0/Src/cmor.c:4495:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(outname) > 0) && (outname[strlen(outname)] != '/')) { data/cmor-3.6.0/Src/cmor.c:4530:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(outname, "/", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:4530:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "/", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:4534:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(cmor_vars[var_id].id); i++) { data/cmor-3.6.0/Src/cmor.c:4557:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(outname, outpath, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:4566:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outname, msg, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:4566:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, msg, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:4571:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(outname, ".nc", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:4571:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, ".nc", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:4709:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(ctmp2), ctmp2); data/cmor-3.6.0/Src/cmor.c:5325:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(cmor_axes[cmor_vars[var_id].axes_ids[i]].cvalues[j]); data/cmor-3.6.0/Src/cmor.c:5563:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(szJoin, tmp, szFirstItem - tmp); data/cmor-3.6.0/Src/cmor.c:5586:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(szInternalAtt, szToken, strlen(szToken)); data/cmor-3.6.0/Src/cmor.c:5586:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(szInternalAtt, szToken, strlen(szToken)); data/cmor-3.6.0/Src/cmor.c:5614:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strcmp(&szJoin[strlen(szJoin) - 1], separator) == 0) { data/cmor-3.6.0/Src/cmor.c:5615:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). szJoin[strlen(szJoin) - 1] = '\0'; data/cmor-3.6.0/Src/cmor.c:5636:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(szVersion, "v"); data/cmor-3.6.0/Src/cmor.c:5672:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(tmp) > 4) { data/cmor-3.6.0/Src/cmor.c:5692:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5692:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5699:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(tmp) > 4) { data/cmor-3.6.0/Src/cmor.c:5719:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5719:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5727:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(tmp) > 4) { data/cmor-3.6.0/Src/cmor.c:5747:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5747:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5754:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(tmp) > 4) { data/cmor-3.6.0/Src/cmor.c:5775:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5775:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(variant, tmp, CMOR_MAX_STRING - strlen(variant)); data/cmor-3.6.0/Src/cmor.c:5788:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szValue, "-"); data/cmor-3.6.0/Src/cmor.c:5880:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(frequency, cmor_vars[var_id].frequency, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:5986:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5986:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5987:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outname, start_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5987:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, start_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5988:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(outname, "-", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5988:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "-", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5989:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outname, end_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5989:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, end_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5993:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(outname, "-clim", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:5993:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "-clim", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:6002:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(cmor_vars[var_id].suffix); data/cmor-3.6.0/Src/cmor.c:6019:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(msg, ""); data/cmor-3.6.0/Src/cmor.c:6025:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, cmor_vars[var_id].suffix, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:6028:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(msg) > 0) { data/cmor-3.6.0/Src/cmor.c:6029:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:6029:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:6030:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outname, msg, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:6030:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, msg, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:6032:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(outname, ".nc", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:6032:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, ".nc", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor.c:6238:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(file_name, outname, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:6240:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_current_dataset.finalfilename, outname, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor.c:6441:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(in); data/cmor-3.6.0/Src/cmor.c:6461:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(out); data/cmor-3.6.0/Src/cmor_CV.c:376:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szFurtherInfoURLTemplate, cmor_current_dataset.furtherinfourl, data/cmor-3.6.0/Src/cmor_CV.c:386:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szFurtherInfoURLTemplate, cmor_current_dataset.furtherinfourl, data/cmor-3.6.0/Src/cmor_CV.c:400:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szFurtherInfoURL, szFurtherInfoBaseURL, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:401:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szFurtherInfoURL, "/"); data/cmor-3.6.0/Src/cmor_CV.c:402:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(szFurtherInfoURL, szFurtherInfoFileURL, data/cmor-3.6.0/Src/cmor_CV.c:403:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(szFurtherInfoFileURL)); data/cmor-3.6.0/Src/cmor_CV.c:481:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szAddSourceType, " "); data/cmor-3.6.0/Src/cmor_CV.c:483:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szAddSourceTypeCpy, " "); data/cmor-3.6.0/Src/cmor_CV.c:491:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szReqSourceType, " "); data/cmor-3.6.0/Src/cmor_CV.c:493:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szReqSourceTypeCpy, " "); data/cmor-3.6.0/Src/cmor_CV.c:679:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szSubstring, CV_source_id->oValue[j].szValue, data/cmor-3.6.0/Src/cmor_CV.c:681:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nLen = strlen(CV_source_id->oValue[j].szValue); data/cmor-3.6.0/Src/cmor_CV.c:973:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szValue, "-"); data/cmor-3.6.0/Src/cmor_CV.c:1161:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(szBranchMethod) == 0) { data/cmor-3.6.0/Src/cmor_CV.c:1713:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1713:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1714:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outname, start_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1714:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, start_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1715:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(outname, "-", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1715:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "-", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1716:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outname, end_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1716:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, end_string, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1721:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(outname, "-clim", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1721:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "-clim", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1728:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(cmor_vars[0].suffix); data/cmor-3.6.0/Src/cmor_CV.c:1744:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(szTmp, ""); data/cmor-3.6.0/Src/cmor_CV.c:1750:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szTmp, cmor_vars[0].suffix, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:1753:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(szTmp) > 0) { data/cmor-3.6.0/Src/cmor_CV.c:1754:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1754:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, "_", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1755:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outname, szTmp, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1755:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, szTmp, CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1758:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(outname, ".nc", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1758:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(outname, ".nc", CMOR_MAX_STRING - strlen(outname)); data/cmor-3.6.0/Src/cmor_CV.c:1946:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szTmp, attr_CV->aszValue[i], CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:1952:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nValueLen = strlen(szTmp); data/cmor-3.6.0/Src/cmor_CV.c:1954:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szTmp, "$"); data/cmor-3.6.0/Src/cmor_CV.c:1957:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(attr_CV->aszValue[i], szTmp, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:2013:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szValids, "\""); data/cmor-3.6.0/Src/cmor_CV.c:2014:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szOutput, attr_CV->aszValue[i], CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:2079:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szCompare, CV_grid_labels->aszValue[i], CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:2081:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szCompare, &CV_grid_labels->aszValue[i][1], data/cmor-3.6.0/Src/cmor_CV.c:2082:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(CV_grid_labels->aszValue[i]) - 2); data/cmor-3.6.0/Src/cmor_CV.c:2083:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). szCompare[strlen(CV_grid_labels->aszValue[i]) - 2] = '\0'; data/cmor-3.6.0/Src/cmor_CV.c:2126:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szCompare, CV_grid_resolution->aszValue[i], data/cmor-3.6.0/Src/cmor_CV.c:2130:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(szCompare, &CV_grid_resolution->aszValue[i][1], data/cmor-3.6.0/Src/cmor_CV.c:2131:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(CV_grid_resolution->aszValue[i]) - 2); data/cmor-3.6.0/Src/cmor_CV.c:2132:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). szCompare[strlen(CV_grid_resolution->aszValue[i]) - 2] = '\0'; data/cmor-3.6.0/Src/cmor_CV.c:2389:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_vars[vrid].suffix, ""); data/cmor-3.6.0/Src/cmor_CV.c:2390:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_vars[vrid].base_path, ""); data/cmor-3.6.0/Src/cmor_CV.c:2391:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_vars[vrid].current_path, ""); data/cmor-3.6.0/Src/cmor_CV.c:2417:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].id, name, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:2419:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].id, refvar.out_name, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:2444:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].ounits, units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:2446:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].ounits, refvar.units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_CV.c:2455:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].iunits, units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_axes.c:77:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(inunits); data/cmor-3.6.0/Src/cmor_axes.c:80:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sshort, &inunits[i], 5); data/cmor-3.6.0/Src/cmor_axes.c:93:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, inunits, oui - 1); data/cmor-3.6.0/Src/cmor_axes.c:166:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(outunits); data/cmor-3.6.0/Src/cmor_axes.c:169:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sshort, &outunits[i], 5); data/cmor-3.6.0/Src/cmor_axes.c:191:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(inunits); data/cmor-3.6.0/Src/cmor_axes.c:194:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sshort, &inunits[i], 5); data/cmor-3.6.0/Src/cmor_axes.c:208:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(loutunits, outunits, oui); data/cmor-3.6.0/Src/cmor_axes.c:211:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(loutunits, msg, CMOR_MAX_STRING - strlen(loutunits)); data/cmor-3.6.0/Src/cmor_axes.c:211:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(loutunits, msg, CMOR_MAX_STRING - strlen(loutunits)); data/cmor-3.6.0/Src/cmor_axes.c:213:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(loutunits, outunits, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_axes.c:315:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_axes[id].attributes[index], msg, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_axes.c:319:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) > 0) data/cmor-3.6.0/Src/cmor_axes.c:1366:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(ctmp); data/cmor-3.6.0/Src/cmor_axes.c:1443:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(ctmp); data/cmor-3.6.0/Src/cmor_axes.c:1883:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(&((char *)coord_vals)[i * k]); data/cmor-3.6.0/Src/cmor_axes.c:1899:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_axes[cmor_naxes].cvalues[i], data/cmor-3.6.0/Src/cmor_axes.c:1910:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(&refaxis.crequested[0]); data/cmor-3.6.0/Src/cmor_axes.c:1925:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(ctmp)) == 0) data/cmor-3.6.0/Src/cmor_axes.c:2235:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(axis->units, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_axes.c:2250:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(axis->generic_level_name, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_axes.c:2320:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(val); i++) { data/cmor-3.6.0/Src/cmor_axes.c:2322:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (val[i] == ',') || (val[i] == '"')) && (i < strlen(val))) { data/cmor-3.6.0/Src/cmor_axes.c:2327:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (i < strlen(val))) { data/cmor-3.6.0/Src/cmor_axes.c:2408:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(val); i++) { data/cmor-3.6.0/Src/cmor_axes.c:2419:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (i < strlen(val))) { data/cmor-3.6.0/Src/cmor_axes.c:2491:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). axis->crequested = malloc((strlen(val) + 1) * sizeof(char)); data/cmor-3.6.0/Src/cmor_axes.c:2498:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (long int)strlen(val) + 1, axis->id); data/cmor-3.6.0/Src/cmor_grids.c:31:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(mapping->coordinates, ""); data/cmor-3.6.0/Src/cmor_grids.c:32:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mapping->id, id, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:267:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ctmp, "m"); data/cmor-3.6.0/Src/cmor_grids.c:271:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ctmp, "m"); data/cmor-3.6.0/Src/cmor_grids.c:283:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_grids[grid_id].attributes_names[iatt], name, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:477:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mapping->coordinates, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:496:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mapping->attributes_names[n], val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:542:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lattributes_names[i], achar, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:543:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lunits[i], bchar, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:605:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, msg2, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:605:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, msg2, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:658:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_grids[grid_id].mapping, name, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:693:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, cmor_tables[table_id].vars[j].standard_name, data/cmor-3.6.0/Src/cmor_grids.c:772:15: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:772:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:773:15: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, cmor_vars[*coord_grid_id].id, data/cmor-3.6.0/Src/cmor_grids.c:774:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:778:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, cmor_vars[*coord_grid_id].id, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:837:15: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:837:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:839:15: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, cmor_vars[*coord_grid_id].id, data/cmor-3.6.0/Src/cmor_grids.c:840:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:844:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, cmor_vars[*coord_grid_id].id, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_grids.c:994:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:994:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:995:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, data/cmor-3.6.0/Src/cmor_grids.c:998:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:1001:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, data/cmor-3.6.0/Src/cmor_grids.c:1048:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:1048:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, " ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:1049:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, data/cmor-3.6.0/Src/cmor_grids.c:1052:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_grids.c:1055:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, data/cmor-3.6.0/Src/cmor_md5.c:295:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(inputfile); data/cmor-3.6.0/Src/cmor_md5.c:299:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(inputfile); data/cmor-3.6.0/Src/cmor_tables.c:19:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int i = fgetc(afile); data/cmor-3.6.0/Src/cmor_tables.c:22:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = fgetc(afile); data/cmor-3.6.0/Src/cmor_tables.c:303:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->sht_expt_ids[table->nexps], att, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:304:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->expt_ids[table->nexps], val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:325:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:356:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (i < (strlen(value))) { data/cmor-3.6.0/Src/cmor_tables.c:360:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (i < (strlen(value)) && value[i] != ' ') { data/cmor-3.6.0/Src/cmor_tables.c:370:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->Conventions, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:373:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->data_specs_version, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:376:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->mip_era, value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:379:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->realm, value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:382:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->date, value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:385:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->URL, value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:394:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->product, value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:410:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(value); data/cmor-3.6.0/Src/cmor_tables.c:439:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (n = 0; n < strlen(value) - 1; n++) data/cmor-3.6.0/Src/cmor_tables.c:441:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(value); data/cmor-3.6.0/Src/cmor_tables.c:450:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < strlen(value); j++) { data/cmor-3.6.0/Src/cmor_tables.c:457:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->expt_ids[table->nexps], value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:458:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(table->sht_expt_ids[table->nexps], ""); data/cmor-3.6.0/Src/cmor_tables.c:464:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = n + 1; j < strlen(value); j++) { data/cmor-3.6.0/Src/cmor_tables.c:472:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->expt_ids[table->nexps], value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:473:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(table->sht_expt_ids[table->nexps], ""); data/cmor-3.6.0/Src/cmor_tables.c:475:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = i + 1; j < strlen(value); j++) { data/cmor-3.6.0/Src/cmor_tables.c:479:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->sht_expt_ids[table->nexps], value2, data/cmor-3.6.0/Src/cmor_tables.c:482:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(table->expt_ids[table->nexps], value, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_tables.c:574:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szControlFilenameJSON, "/"); data/cmor-3.6.0/Src/cmor_tables.c:577:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szAxisEntryFilenameJSON, "/"); data/cmor-3.6.0/Src/cmor_tables.c:580:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szFormulaVarFilenameJSON, "/"); data/cmor-3.6.0/Src/cmor_tables.c:590:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szControlFilenameJSON, "/"); data/cmor-3.6.0/Src/cmor_tables.c:593:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szAxisEntryFilenameJSON, "/"); data/cmor-3.6.0/Src/cmor_tables.c:596:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(szFormulaVarFilenameJSON, "/"); data/cmor-3.6.0/Src/cmor_variables.c:143:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[id].attributes[index], msg, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:149:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) > 0) { data/cmor-3.6.0/Src/cmor_variables.c:153:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_vars[id].attributes[index], ""); data/cmor-3.6.0/Src/cmor_variables.c:280:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, cmor_vars[id].attributes_values_char[index], data/cmor-3.6.0/Src/cmor_variables.c:313:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((index == -1) || strlen(attribute_name) == 0) { data/cmor-3.6.0/Src/cmor_variables.c:322:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(msg) == 0) { data/cmor-3.6.0/Src/cmor_variables.c:345:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(attributes_names[i], cmor_vars[id].attributes[i], data/cmor-3.6.0/Src/cmor_variables.c:468:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, cmor_vars[var_id].ounits, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:482:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:602:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, name, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:603:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(msg, "_bnds", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:603:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, "_bnds", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:654:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, cmor_vars[var_id].ounits, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:670:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:785:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1117:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_vars[vrid].suffix, ""); data/cmor-3.6.0/Src/cmor_variables.c:1118:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_vars[vrid].base_path, ""); data/cmor-3.6.0/Src/cmor_variables.c:1119:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmor_vars[vrid].current_path, ""); data/cmor-3.6.0/Src/cmor_variables.c:1154:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].id, name, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1156:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].id, refvar.out_name, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1178:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].ounits, units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1180:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].ounits, refvar.units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1189:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cmor_vars[vrid].iunits, units, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1210:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, comment, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1211:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(msg, ", ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1211:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, ", ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1212:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, szActivity, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1212:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, szActivity, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1213:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(msg, "_table_comment: ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1213:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, "_table_comment: ", CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1214:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, refvar.comment, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1214:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, refvar.comment, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:1217:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, comment, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1636:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(msg, " "); data/cmor-3.6.0/Src/cmor_variables.c:1638:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(msg, ")"); data/cmor-3.6.0/Src/cmor_variables.c:1685:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy(msg, "", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1793:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(msg, "Reordered dimensions, original order:", CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1798:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg, ctmp, CMOR_MAX_STRING - strlen(ctmp)); data/cmor-3.6.0/Src/cmor_variables.c:1798:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg, ctmp, CMOR_MAX_STRING - strlen(ctmp)); data/cmor-3.6.0/Src/cmor_variables.c:1927:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->required, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1931:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->id, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1935:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->standard_name, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1939:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->long_name, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1943:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->comment, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:1947:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n0 = strlen(val); data/cmor-3.6.0/Src/cmor_variables.c:1994:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->generic_level_name, dim, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2033:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->units, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2037:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->cell_methods, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2041:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->cell_measures, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2045:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->cell_measures, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2081:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->chunking_dimensions, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2133:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->realm, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2137:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->frequency, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2141:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->flag_values, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2145:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->flag_meanings, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2149:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(var->out_name, val, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2508:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, avar->ounits, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2523:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(local_unit, avar->iunits, CMOR_MAX_STRING); data/cmor-3.6.0/Src/cmor_variables.c:2683:25: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_min, msg2, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:2683:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_min, msg2, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:2717:25: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_max, msg2, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Src/cmor_variables.c:2717:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_max, msg2, CMOR_MAX_STRING - strlen(msg)); data/cmor-3.6.0/Test/ipcc_test_code.c:239:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(interval, ""); data/cmor-3.6.0/Test/ipcc_test_code.c:298:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(interval, ""); data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c:105:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(landUse[0], "primary_and_secondary_land", CMOR_MAX_STRING); data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c:106:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(landUse[1], "pastures", CMOR_MAX_STRING); data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c:107:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(landUse[2], "crops", CMOR_MAX_STRING); data/cmor-3.6.0/Test/test_cmor_nwdFracLut.c:108:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(landUse[3], "urban", CMOR_MAX_STRING); data/cmor-3.6.0/Test/test_lots_of_variables.c:285:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(interval, ""); data/cmor-3.6.0/Test/test_unit_cat_unique.c:26:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dest, ""); data/cmor-3.6.0/include/cdTime/cddrsint.h:56:32: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define VDB_STRING_SET(d,s,n) {strncpy((d),((s && strcmp(s,"")) ? s : CW_STRING_NULL),(n));(d)[(n)-1]='\0';cw_strtrim((d));} data/cmor-3.6.0/include/cdTime/cdmsint.h:63:58: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define cdSetCharTime(vp,val) {char *cp; cp=(char*)(vp); strncpy(cp,(val),CD_MAX_CHARTIME); cp[CD_MAX_CHARTIME-1]='\0';} data/cmor-3.6.0/include/cdTime/cfortran.h:587:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). e = s + strlen(s); data/cmor-3.6.0/include/cdTime/cfortran.h:1831:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define STRING_cfC(M,I,A,B,C) (B.clen=strlen(A),B.f.dsc$a_pointer=A, \ data/cmor-3.6.0/include/cdTime/cfortran.h:1836:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). B.dsc$w_length=strlen(A): (A[C-1]='\0',B.dsc$w_length=strlen(A), \ data/cmor-3.6.0/include/cdTime/cfortran.h:1836:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). B.dsc$w_length=strlen(A): (A[C-1]='\0',B.dsc$w_length=strlen(A), \ data/cmor-3.6.0/include/cdTime/cfortran.h:1839:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define STRING_cfC(M,I,A,B,C) (B.nombre=A,B.clen=strlen(A), \ data/cmor-3.6.0/include/cdTime/cfortran.h:1842:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define PSTRING_cfC(M,I,A,B,C) (C==sizeof(char*)? B=strlen(A): \ data/cmor-3.6.0/include/cdTime/cfortran.h:1843:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (A[C-1]='\0',B=strlen(A),memset((A)+B,' ',C-B-1),B=C-1)); data/cmor-3.6.0/include/cdTime/cfortran.h:2235:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define RRRRPSTR( A,B,D) if (B) memcpy(A,B, _cfMIN(strlen(B),D)), \ data/cmor-3.6.0/include/cdTime/cfortran.h:2236:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (D>strlen(B)?memset(A+strlen(B),' ', D-strlen(B)):0), _cf_free(B); data/cmor-3.6.0/include/cdTime/cfortran.h:2236:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (D>strlen(B)?memset(A+strlen(B),' ', D-strlen(B)):0), _cf_free(B); data/cmor-3.6.0/include/cdTime/cfortran.h:2236:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (D>strlen(B)?memset(A+strlen(B),' ', D-strlen(B)):0), _cf_free(B); data/cmor-3.6.0/include/cdTime/cfortran.h:2342:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(AS->dsc$a_pointer,A0,_cfMIN(AS->dsc$w_length,(A0==NULL?0:strlen(A0))));\ data/cmor-3.6.0/include/cdTime/cfortran.h:2343:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). AS->dsc$w_length>(A0==NULL?0:strlen(A0))? \ data/cmor-3.6.0/include/cdTime/cfortran.h:2344:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(AS->dsc$a_pointer+(A0==NULL?0:strlen(A0)),' ', \ data/cmor-3.6.0/include/cdTime/cfortran.h:2345:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). AS->dsc$w_length-(A0==NULL?0:strlen(A0))):0; data/cmor-3.6.0/include/cdTime/cfortran.h:2349:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(_fcdtocp(AS),A0, _cfMIN(_fcdlen(AS),(A0==NULL?0:strlen(A0))) ); \ data/cmor-3.6.0/include/cdTime/cfortran.h:2350:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _fcdlen(AS)>(A0==NULL?0:strlen(A0))? \ data/cmor-3.6.0/include/cdTime/cfortran.h:2351:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(_fcdtocp(AS)+(A0==NULL?0:strlen(A0)),' ', \ data/cmor-3.6.0/include/cdTime/cfortran.h:2352:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _fcdlen(AS)-(A0==NULL?0:strlen(A0))):0; data/cmor-3.6.0/include/cdTime/cfortran.h:2354:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define STRING_cfK memcpy(AS,A0, _cfMIN(D0,(A0==NULL?0:strlen(A0))) ); \ data/cmor-3.6.0/include/cdTime/cfortran.h:2355:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). D0>(A0==NULL?0:strlen(A0))?memset(AS+(A0==NULL?0:strlen(A0)), \ data/cmor-3.6.0/include/cdTime/cfortran.h:2355:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). D0>(A0==NULL?0:strlen(A0))?memset(AS+(A0==NULL?0:strlen(A0)), \ data/cmor-3.6.0/include/cdTime/cfortran.h:2356:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ' ', D0-(A0==NULL?0:strlen(A0))):0; ANALYSIS SUMMARY: Hits = 1330 Lines analyzed = 36044 in approximately 1.49 seconds (24159 lines/second) Physical Source Lines of Code (SLOC) = 26817 Hits@level = [0] 704 [1] 421 [2] 769 [3] 0 [4] 132 [5] 8 Hits@level+ = [0+] 2034 [1+] 1330 [2+] 909 [3+] 140 [4+] 140 [5+] 8 Hits/KSLOC@level+ = [0+] 75.8474 [1+] 49.5954 [2+] 33.8964 [3+] 5.22057 [4+] 5.22057 [5+] 0.298318 Dot directories skipped = 2 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.