Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.h Examining data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c Examining data/cpl-7.1.2+dfsg/cpldfs/tests/cpl_dfs-test.c Examining data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c Examining data/cpl-7.1.2+dfsg/cpldfs/md5.c Examining data/cpl-7.1.2+dfsg/cpldfs/md5.h Examining data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.h Examining data/cpl-7.1.2+dfsg/libcext/tests/cxslist-test.c Examining data/cpl-7.1.2+dfsg/libcext/tests/cxstring-test.c Examining data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c Examining data/cpl-7.1.2+dfsg/libcext/tests/cxlist-test.c Examining data/cpl-7.1.2+dfsg/libcext/tests/cxdeque-test.c Examining data/cpl-7.1.2+dfsg/libcext/tests/cxmap-test.c Examining data/cpl-7.1.2+dfsg/libcext/tests/cxtypes-test.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxlist.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxlist.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmap.h Examining data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxtree.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxdeque.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxutils.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmemory.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxfileutils.h Examining data/cpl-7.1.2+dfsg/libcext/cext/snprintf.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxfileutils.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxslist.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmultimap.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxthread.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmacros.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmultimap.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxdeque.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxstring.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmap.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxutils.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxtree.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxmemory.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxtypes.h Examining data/cpl-7.1.2+dfsg/libcext/cext/cxslist.c Examining data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c Examining data/cpl-7.1.2+dfsg/libltdl/lt__strl.c Examining data/cpl-7.1.2+dfsg/libltdl/slist.c Examining data/cpl-7.1.2+dfsg/libltdl/lt_dlloader.c Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__private.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt_error.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__alloc.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__glibc.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/slist.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__argz_.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__dirent.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt_system.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__strl.h Examining data/cpl-7.1.2+dfsg/libltdl/libltdl/lt_dlloader.h Examining data/cpl-7.1.2+dfsg/libltdl/ltdl.h Examining data/cpl-7.1.2+dfsg/libltdl/lt__alloc.c Examining data/cpl-7.1.2+dfsg/libltdl/loaders/dlopen.c Examining data/cpl-7.1.2+dfsg/libltdl/loaders/preopen.c Examining data/cpl-7.1.2+dfsg/libltdl/loaders/shl_load.c Examining data/cpl-7.1.2+dfsg/libltdl/loaders/dld_link.c Examining data/cpl-7.1.2+dfsg/libltdl/loaders/loadlibrary.c Examining data/cpl-7.1.2+dfsg/libltdl/loaders/dyld.c Examining data/cpl-7.1.2+dfsg/libltdl/loaders/load_add_on.c Examining data/cpl-7.1.2+dfsg/libltdl/lt_error.c Examining data/cpl-7.1.2+dfsg/libltdl/ltdl.c Examining data/cpl-7.1.2+dfsg/libltdl/lt__argz.c Examining data/cpl-7.1.2+dfsg/libltdl/lt__dirent.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_fit_body.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_detector.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_phys_const.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_fit.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_ppm.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_photom.h Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_geom_img-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fft-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_ppm-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_photom-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_apertures-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_detector-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wlcalib-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fit-test.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_wlcalib.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_detector.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_wlcalib_impl.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_detector_body.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_fft.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_fit.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_fft.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_geom_img.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_geom_img.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_wlcalib.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_geom_img_body.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures_img.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_photom.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.h Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c Examining data/cpl-7.1.2+dfsg/cpldrs/cpl_ppm.c Examining data/cpl-7.1.2+dfsg/cpljava/cpl_gasgano.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_init.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_array.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_gen_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_msg.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mask_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_version.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_memory.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_macros.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_io.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_stats_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_vector_fit_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_type_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_bivector.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_property_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mask_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_io_fits.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_stats.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_memory_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_io_fits.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_resample.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_xmemory.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_io_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_errorstate.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_fft.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_column.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_bivector-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_io_fits-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_plot-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_iqe-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_filter-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_array-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter_body.h Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_io-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_property-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_median-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_resample-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_msg-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_matrix-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test_init-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_memory-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_stats-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_math-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_type-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_fits-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_bpm-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_polynomial-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_basic-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_gen-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_imagelist_basic-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_errorstate-test.c Examining data/cpl-7.1.2+dfsg/cplcore/tests/cpl_imagelist_io-test.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_io.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_tools.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_plot.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_cfitsio.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_table.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_filter.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_array.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_defs.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_type.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_type.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_gen.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_memory.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_vector_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_column_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_tools.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_gen.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_bpm_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_bpm_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_property.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_io.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_errorstate.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_vector.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_basic.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_iqe.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_cfitsio.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_column.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_stats.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_fft_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_test.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_error_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_fits.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_resample.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_fits.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_error.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mask_defs.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_array_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_io_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_stats_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_xmemory.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_basic_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_math_const.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_error.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_iqe.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_tools_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_stats_defs.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_table.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mask_binary.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_defs.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_stats_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_matrix_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_stats.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mask.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_property.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_bivector.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_resample_body.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_stats.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic_impl.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_bpm.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image_bpm.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_image.h Examining data/cpl-7.1.2+dfsg/cplcore/cpl_init.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_test.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_basic.c Examining data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_parameter.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_frameset_io.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_framedata.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_plugin.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_plugin.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_recipe.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_pluginlist.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_plugininfo.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_frame_impl.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_parameter.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_frameset.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_recipeconfig.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_frameset_io-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_parameterlist-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_framedata-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_frameset-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_recipedefine-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_pluginlist-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_plugin-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_recipeconfig-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_parameter-test.c Examining data/cpl-7.1.2+dfsg/cplui/tests/cpl_frame-test.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_recipeconfig.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_frame.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_recipedefine.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_frame.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_frameset_io.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_frameset.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_pluginlist.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_recipedefine.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_framedata.c Examining data/cpl-7.1.2+dfsg/cplui/cpl_parameterlist.h Examining data/cpl-7.1.2+dfsg/cplui/cpl_parameterlist.c Examining data/cpl-7.1.2+dfsg/cpl.h FINAL RESULTS: data/cpl-7.1.2+dfsg/cplcore/cpl_array.c:5246:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stream, "Array with %" CPL_SIZE_FORMAT, data/cpl-7.1.2+dfsg/cplcore/cpl_image_io.c:2587:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code( fprintf(stream, CPL_MSG, data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:807:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code( fprintf(stream, CPL_MSG, (int)self->ni) >= msgmin, data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:814:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code( fprintf(stream, CPL_IMSG, i, (int)self->ni) >= imsgmin, data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:857:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code( fprintf(stream, CPL_IMSG, (int)i, data/cpl-7.1.2+dfsg/cplcore/cpl_macros.h:82:55: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define CPL_ATTR_PRINTF(A,B) __attribute__((format (printf, A, B))) data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:369:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stream, " %6" CPL_SIZE_FORMAT, j); data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.c:936:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(result->version, MPFIT_VERSION); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:946:36: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case CPL_MSG_DEBUG : fprintf(logfile, DEBUG_STRING); break; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:947:36: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case CPL_MSG_INFO : fprintf(logfile, INFO_STRING); break; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:948:36: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case CPL_MSG_WARNING : fprintf(logfile, WARNING_STRING); break; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:949:36: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case CPL_MSG_ERROR : fprintf(logfile, ERROR_STRING); break; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:1073:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logfile_name, name); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:1415:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(domain, name); data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1505:27: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. const int nstat = system(command); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21596:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, F_OK)) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:24835:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, F_OK) == 0) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:24837:17: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, W_OK) != 0) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:24898:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, F_OK) != 0) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:24902:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, W_OK) != 0) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:24925:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, F_OK) != 0) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:24929:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, W_OK) != 0) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25092:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, F_OK)) data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25095:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, W_OK)) data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25111:14: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access(filename, F_OK)) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25112:17: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, W_OK)) { data/cpl-7.1.2+dfsg/cplcore/cpl_test.c:1005:22: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. expression = system(cmd) == 0 ? CPL_TRUE : CPL_FALSE; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:1792:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. syscode = system("perl -pi -e 's/(DELKEY += +.DELVALUE.)/" data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:2029:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. syscode = system("perl -pi -e 's/(DELKEY. +=)( +.DELVALUE.)/" data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:2527:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. syscode = system("perl -pi -e 's/EPOCH /ESOCH /' " BASE "_32.fits"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:2730:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. syscode = system(RMCARDQUOTE(KEYBASE, MYFILE)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:2862:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. syscode = system(RMCARDQUOTE(KEYBASE, MYFILE)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:2983:19: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. syscode = system(RMCARDQUOTE(KEYBASE, MYFILE)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:3074:15: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. syscode = system(RMCARDQUOTE(KEYBASE, MYFILE)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:369:13: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system("perl -pi -e 'BEGIN{sleep(1)};/NAXIS1/ and s/" data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:388:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system("perl -pi -e '/NAXIS1/ and s/ " data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:861:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_ID, level); data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1028:14: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_ID, level); data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1042:14: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_DRS_ID, level); data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1053:14: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_PIPE_ID, level); data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1076:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_RAWi_NAME, level, data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1084:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_RAWi_CATG, level, data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1138:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_CALi_NAME, level, data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1146:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_CALi_CATG, level, data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1154:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_CALi_DATAMD5, level, data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1267:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(cval, FLEN_VALUE, PRO_RECi_PARAMi_NAME, level, npar); data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1271:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. keylen = snprintf(cval, FLEN_VALUE, PRO_RECi_PARAMi_VALUE, level, npar); data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:2339:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code(fprintf(paf, PAF_KEY_FORMAT "\"%s\"\n", data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:2343:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code(fprintf(paf, PAF_KEY_FORMAT "\"%s\" ; # %s\n", data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:2374:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code(fprintf(paf, PAF_KEY_FORMAT "%.15g\n", data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:2378:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code(fprintf(paf, PAF_KEY_FORMAT "%.15g ; # %s\n", data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:2405:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code(fprintf(paf, PAF_KEY_FORMAT "%" CPL_SIZE_FORMAT "\n", data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:2409:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code(fprintf(paf, PAF_KEY_FORMAT "%" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cpldfs/tests/cpl_dfs-test.c:947:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_test_leq(1, fprintf(stream, self, "SIMPLE ASCII file - not FITS\n")); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:192:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, " %6" CPL_SIZE_FORMAT " %6" CPL_SIZE_FORMAT, data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:194:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, " %6" CPL_SIZE_FORMAT " %6" CPL_SIZE_FORMAT, data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:196:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, " % 6" CPL_SIZE_FORMAT, self->npix[i]); data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:2113:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(headptr, keybuf); data/cpl-7.1.2+dfsg/cplui/tests/cpl_frameset_io-test.c:188:23: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. cpl_test_zero(system(cmd)); data/cpl-7.1.2+dfsg/cplui/tests/cpl_frameset_io-test.c:238:27: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. cpl_test_zero(system(cmd)); data/cpl-7.1.2+dfsg/libcext/cext/cxutils.c:304:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. return vsnprintf(string, n, format, args); data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:203:8: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #ifdef snprintf data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:204:8: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #undef snprintf data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:206:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #ifdef vsnprintf data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:207:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #undef vsnprintf data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:271:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf rpl_snprintf data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:272:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define vsnprintf rpl_vsnprintf data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:1497:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(NULL, 0, format, aq); data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:1501:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. return vsnprintf(*ret, size, format, ap); data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:1526:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(str, size, format, ap); data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:2056:18: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. r1 = sprintf(buf1, fmt[i], val[j]); \ data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:2057:18: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. r2 = snprintf(buf2, sizeof(buf2), fmt[i], val[j]); \ data/cpl-7.1.2+dfsg/libcext/cext/snprintf.h:42:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf rpl_snprintf data/cpl-7.1.2+dfsg/libcext/cext/snprintf.h:46:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define vsnprintf rpl_vsnprintf data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__private.h:117:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void * system; /* system specific data */ data/cpl-7.1.2+dfsg/libltdl/loaders/dlopen.c:229:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (attempt, "%s%s", filename, member); data/cpl-7.1.2+dfsg/libltdl/loaders/loadlibrary.c:170:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(wpath, filename); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:522:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (filename, "%.*s/%s", (int) dirname_len, dirname, dlname); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:718:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (filename, dir_name); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:724:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (filename +lendir, base_name); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:785:19: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int notfound = access (filename, R_OK); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:922:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (name, "lib%s", p+2); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1212:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(attempt, "%s%s", filename, ext); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1307:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (archive_name, "%s%s.%s", libprefix, name + 3, libext); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1311:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (archive_name, "%s.%s", name, libext); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1820:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (buf, dirnam); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2063:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->vtable->sym_prefix); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2064:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, handle->info.name); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2068:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->info.name); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2072:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, symbol); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2090:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->vtable->sym_prefix); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2091:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, symbol); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2095:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, symbol); data/cpl-7.1.2+dfsg/cplcore/cpl_init.c:109:39: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * memory_mode_string = getenv("CPL_MEMORY_MODE"); data/cpl-7.1.2+dfsg/cplcore/cpl_init.c:110:40: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * io_fits_mode_string = getenv("CPL_IO_MODE"); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:1128:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * level = getenv("CPL_MSG_LEVEL"); data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1315:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return getenv("CPL_PLOTTER") ? getenv("CPL_PLOTTER") data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1315:36: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return getenv("CPL_PLOTTER") ? getenv("CPL_PLOTTER") data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1335:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return getenv("CPL_IMAGER") ? getenv("CPL_IMAGER") data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1335:35: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return getenv("CPL_IMAGER") ? getenv("CPL_IMAGER") data/cpl-7.1.2+dfsg/cplcore/cpl_test.c:975:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * checker = getenv(CPL_TEST_FITS); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_fits-test.c:173:40: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * io_fits_mode_string = getenv("CPL_IO_MODE"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_median-test.c:82:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(1); /* Fix the seed for repeatable results. */ data/cpl-7.1.2+dfsg/cplcore/tests/cpl_memory-test.c:167:39: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * memory_mode_string = getenv("CPL_MEMORY_MODE"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_memory-test.c:193:39: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * memory_mode_string = getenv("CPL_MEMORY_MODE"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test-test.c:337:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv(CPL_TEST_FITS)) { data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test-test.c:482:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv(CPL_TEST_FITS)) { data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:93:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("OMP_NUM_THREADS") ? atoi(getenv("OMP_NUM_THREADS")) : data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:93:42: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("OMP_NUM_THREADS") ? atoi(getenv("OMP_NUM_THREADS")) : data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:894:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(1); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:951:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("CPL_VALARRAY_SIZE")) { data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:952:36: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const int nvalarray = atoi(getenv("CPL_VALARRAY_SIZE")); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:193:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. value = getenv("CX_DEBUG"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:401:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. value = getenv("CX_MESSAGES_PREFIXED"); data/cpl-7.1.2+dfsg/libcext/tests/cxstring-test.c:565:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. verbose = getenv("VERBOSE") != NULL ? TRUE : FALSE; data/cpl-7.1.2+dfsg/libltdl/loaders/loadlibrary.c:199:14: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. module = LoadLibrary (wpath); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1361:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. search_path = getenv (LTDL_SEARCHPATH_VAR); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1369:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. search_path = getenv (LT_MODULE_PATH_VAR); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1469:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. && !find_handle (getenv (LTDL_SEARCHPATH_VAR), base_name, data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1472:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. && !find_handle (getenv (LT_MODULE_PATH_VAR), base_name, data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1925:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv(LTDL_SEARCHPATH_VAR), 0, data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1932:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv(LT_MODULE_PATH_VAR), 0, data/cpl-7.1.2+dfsg/cplcore/cpl_bivector.c:307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/cpl-7.1.2+dfsg/cplcore/cpl_bivector.c:313:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). in = fopen(filename, "r"); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2104:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->d, data, column->length * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2167:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->cd, data, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2219:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->i, data, column->length * sizeof(int)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2266:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->l, data, column->length * sizeof(long)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2314:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->ll, data, column->length * sizeof(long long)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2362:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->sz, data, column->length * sizeof(cpl_size)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2404:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->f, data, column->length * sizeof(float)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2446:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->cf, data, column->length * sizeof(float complex)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2488:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->d, data, column->length * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:2530:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->cd, data, column->length * sizeof(double complex)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:6807:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->d + start, values, count * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:6874:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->cd + start, values, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:6933:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->i + start, values, count * sizeof(int)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:6990:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->l + start, values, count * sizeof(long)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:7047:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->ll + start, values, count * sizeof(long long)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:7103:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->sz + start, values, count * sizeof(cpl_size)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:7158:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->f + start, values, count * sizeof(float)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:7215:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->cf + start, values, count * sizeof(float complex)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:7271:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->cd + start, values, count * sizeof(double complex)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:7326:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->values->d + start, values, count * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:8470:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->i, column->values->i, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:8477:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:8675:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:9113:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:9551:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:9989:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:10434:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:10876:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:11341:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:11884:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12280:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->i, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12287:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->l, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12294:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->ll, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12301:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->sz, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12308:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->f, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12315:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->d, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12322:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->cf, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12329:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->values->cd, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12498:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->i + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12503:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->l + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12508:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->ll + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12513:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->sz + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12518:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->f + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12523:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->d + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12528:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->cf + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:12533:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(target_column->values->cd + position, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:21042:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:21131:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, column->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:21219:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, self->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:21309:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_column->null, self->null, data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:23293:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copybuf, ip, length * sizeof(int)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:23344:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copybuf, lp, length * sizeof(long)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:23395:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copybuf, lp, length * sizeof(long long)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:23446:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copybuf, lp, length * sizeof(cpl_size)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:23497:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copybuf, fp, length * sizeof(float)); data/cpl-7.1.2+dfsg/cplcore/cpl_column.c:23547:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copybuf, dp, length * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_error.c:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cfitsio_msg[FLEN_ERRMSG]; data/cpl-7.1.2+dfsg/cplcore/cpl_error.c:305:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regex_msg[CPL_ERROR_MAX_MESSAGE_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/cpl_error.c:520:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cpl_error_where_string[MAX_WHERE_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/cpl_error_impl.h:206:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char function[MAX_NAME_LENGTH+1]; data/cpl-7.1.2+dfsg/cplcore/cpl_error_impl.h:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[MAX_FILE_LENGTH+1]; data/cpl-7.1.2+dfsg/cplcore/cpl_error_impl.h:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CPL_ERROR_MAX_MESSAGE_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1055:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf6, i0+j-1, 3*sizeof(*buf6)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1056:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf6+3, i1+j-1, 3*sizeof(*buf6)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1071:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out, in, (Nx-1)*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1202:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf6, i0+j-1, 3*sizeof(*buf6)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1203:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf6+3, i1+j-1, 3*sizeof(*buf6)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1221:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out, istop-(Nx+1), (Nx+1)*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1311:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(in_larger + rx + y*Nx_larger, data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1452:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out, in, (Nx*Ny)*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1493:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out, in, (ry*Nx+rx)*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1527:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(o, i, 2*rx*sizeof(*o)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1620:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(o, i, 2*rx*sizeof(*o)); data/cpl-7.1.2+dfsg/cplcore/cpl_filter_median.c:1629:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out, in, (ry*Nx + rx)*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/cpl_fits.c:227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c_extname[FLEN_VALUE] = ""; data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic.c:2874:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pim1, im2->pixels, (ury - (ypos - 1)) * linesz); data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic.c:2886:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pim1, pim2, linesz); data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic.c:3427:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cpl_mask_get_data(self->bpm), data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic.c:3436:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cpl_mask_get_data(self->bpm), data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic.c:3475:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cpl_mask_get_data(self->bpm), data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic_body.h:88:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cpl_mask_get_data(self->bpm), data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic_body.h:96:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cpl_mask_get_data(self->bpm), data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic_body.h:1671:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(row, pfirst, rowsize); data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic_body.h:1672:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pfirst, plast, rowsize); data/cpl-7.1.2+dfsg/cplcore/cpl_image_basic_body.h:1673:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(plast, row, rowsize); data/cpl-7.1.2+dfsg/cplcore/cpl_image_bpm.c:362:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cpl_mask_get_data(cpl_image_get_bpm(im)), data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter_body.h:158:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(window + k, inj + x1, data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter_body.h:260:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(vout, vin, (size_t)(nx * ry + rx) * sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter_body.h:314:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out + (size_t)(nx * y + x), data/cpl-7.1.2+dfsg/cplcore/cpl_image_filter_body.h:323:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out + (size_t)(nx * y - rx), data/cpl-7.1.2+dfsg/cplcore/cpl_image_io.c:1893:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. self = memcpy(cpl_malloc(sizeof(cpl_image)), src, sizeof(cpl_image)); data/cpl-7.1.2+dfsg/cplcore/cpl_image_io.c:1898:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->pixels, src->pixels, (size_t)src->nx * (size_t)src->ny data/cpl-7.1.2+dfsg/cplcore/cpl_image_iqe.c:575:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_fb, fb, 9 * sizeof(float)); data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:560:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(tmp, self, sizeof(*tmp)); data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:561:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self, dest, sizeof(*tmp)); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:765:30: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cpl_malloc(sz), in->data, sz)); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1201:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self, first, nxy); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1258:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self, first, nxy); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1402:39: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. size_t * word1 = (size_t*)memcpy(pout, pin, (size_t)in->nx); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1672:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pin1, pin2, (size_t)(ury - (y_pos - 1)) * linesz); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1680:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pin1, pin2, linesz); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1728:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(row, pfirst, rowsize); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1729:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pfirst, plast, rowsize); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:1730:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(plast, row, rowsize); data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:2666:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pout + first, data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:2679:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pj + part, pin + part, data/cpl-7.1.2+dfsg/cplcore/cpl_mask.c:2688:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pj, pin, (size_t)nx * sizeof(cpl_binary)); data/cpl-7.1.2+dfsg/cplcore/cpl_mask_body.h:86:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self, other, hx + hy * (size_t)nx); data/cpl-7.1.2+dfsg/cplcore/cpl_mask_body.h:103:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self - hx, other + hy * (size_t)nx, data/cpl-7.1.2+dfsg/cplcore/cpl_mask_body.h:132:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self - hx, other + hy * (size_t)nx, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:165:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(swap, pos1 + ncol, NBLOCK * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:166:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pos1 + ncol, pos2 + ncol, NBLOCK * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:167:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pos2 + ncol, swap, NBLOCK * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:171:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(swap, pos1, ncol * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:172:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pos1, pos2, ncol * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:173:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pos2, swap, ncol * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1726:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, matrix->m + (size_t)(matrix->nr * matrix->nc - szcp), data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1734:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, drow + (size_t)matrix->nc, (size_t)szcp * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1737:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, copy, (size_t)szcp * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1745:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, matrix->m, (size_t)szcp * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1752:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, drow - (size_t)matrix->nc, (size_t)szcp * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1755:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, copy, (size_t)szcp * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1764:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, matrix->m + (size_t)(matrix->nr * matrix->nc - szcp), data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1770:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, crow + (size_t)matrix->nc, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1772:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow + (size_t)cshift, crow + (size_t)cshift, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1776:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, drow + (size_t)matrix->nc, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1779:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, copy, (size_t)cshift * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1788:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, matrix->m, (size_t)szcp * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1795:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow - (size_t)(matrix->nc + cshift), crow - (size_t)cshift, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1797:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, crow, (size_t)-cshift * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1800:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, drow - (size_t)matrix->nc, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1803:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, copy + (size_t)(szcp + cshift), data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1813:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, matrix->m + (size_t)(matrix->nr * matrix->nc - szcp), data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1820:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, drow - (size_t)matrix->nc, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1825:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, crow, (size_t)-cshift * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1826:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow - (size_t)(matrix->nc + cshift), data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1838:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, matrix->m, (size_t)szcp * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1843:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, drow + (size_t)matrix->nc, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1848:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow, crow + (size_t)(matrix->nc - cshift), data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:1850:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drow + (size_t)cshift, crow, data/cpl-7.1.2+dfsg/cplcore/cpl_matrix.c:4936:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(copybuf, matrix->m, (size_t)size * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.h:115:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[20]; /* MPFIT version string */ data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:194:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char domain[CPL_MAX_DOMAIN_NAME] = "Undefined domain"; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:195:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char logfile_name[CPL_MAX_LOGFILE_NAME] = ".logfile"; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:266:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _timestamp[TIME_ISO8601_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:521:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_text[CPL_MAX_MSG_LENGTH] = ""; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:522:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_log[CPL_MAX_MSG_LENGTH] = ""; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:523:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_term[CPL_MAX_MSG_LENGTH] = ""; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:524:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char split[CPL_MAX_MSG_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:558:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_timestamp[10]; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:924:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timeLabel[TIME_ISO8601_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:926:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((logfile = fopen(logfile_name, "w")) == NULL) data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:326:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((tmpfd=fopen(names[i-1], "w"))==NULL) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:442:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((tmpfd=fopen(names[i], "w"))==NULL) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1255:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((tmpfd=fopen(names[i-1], "w"))==NULL) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1392:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). data = fopen(tmp, "w"); data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1450:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). data = fopen(tmp, "w"); data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:1924:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(swap, self, sizeof(cpl_polynomial)); data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:1925:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self, original, sizeof(cpl_polynomial)); data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:1926:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(original, swap, sizeof(cpl_polynomial)); data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:2941:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. self->coef = memcpy(cpl_malloc((size_t)self->nz data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:2949:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->coef, oldbuf, data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:3282:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy((void*)self->coef, (const void*)other->coef, data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:3903:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->coef + i, second->coef + i, data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:3909:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->coef + i, first->coef + i, data/cpl-7.1.2+dfsg/cplcore/cpl_polynomial.c:4015:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->coef + i, first->coef + i, data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:154:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[CPL_PROPERTY_SIZE]; /* Container for a normal property */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:330:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->name, name, allocsz - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:537:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. self = memcpy(cx_malloc(sizeof(*self)), other, data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:556:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. self->value = memcpy(cx_malloc(size), other->value, size); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:563:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. self->name = memcpy(self->data + CPL_PROPERTY_SIZE - self->nsize, data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:573:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. self->name = memcpy(cx_malloc(size), other->name, size); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:586:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. self->comment = memcpy(cx_malloc(size), other->comment, size); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:828:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->name, cx_string_get_(name), allocsz - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:966:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->comment, cx_string_get_(comment), allocsz - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1069:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1126:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &myvalue, sizeof(myvalue)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1180:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1234:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1288:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1342:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1396:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1453:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->value, cx_string_get_(value), allocsz - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1574:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1629:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, &value, sizeof(value)); /* Inlined */ data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unquote[FLEN_COMMENT]; /* String buffer for decoded string */ data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:434:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keystr[FLEN_KEYWORD]; /* Needed for %s */ data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:435:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(keystr, keyname, keylen); data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:732:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[FLEN_CARD]; data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:733:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keystr[FLEN_KEYWORD]; /* Needed for regexp filter */ data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:795:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(keystr, keymem, keylen); data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:897:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char badchar[2] = {cardi[compos], '\0'}; data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:1042:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char **putkey[FLEN_KEYWORD] = data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:8643:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numparse[FLEN_VALUE]; data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:8645:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(numparse, card + iparsed, FITS_CARD_LEN - iparsed); data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:8759:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pparseval->unquote + vallen, card + iparsed, data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:8777:31: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(pparseval->unquote + vallen, card + iparsed, data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:8823:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char dsep[2] = {',', ')'}; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:8028:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_table->select, table->select, data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21556:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colname[FLEN_VALUE]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colunit[FLEN_VALUE]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21558:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[FLEN_COMMENT]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21559:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[FLEN_KEYWORD]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21560:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scolnum[5]; /* Keeping column numbers up to 9999 */ data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21578:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_text[FLEN_STATUS]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:21781:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(scolnum, "%d", i + 1); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:23402:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[FLEN_KEYWORD]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:23403:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyvalue[FLEN_VALUE]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:23541:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[FLEN_KEYWORD]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:24014:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&values[stride], cdata, depth * sizeof *cdata); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25078:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tnull[FLEN_KEYWORD]; data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25674:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tnull, "TNULL%d", i + 1); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25750:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tnull, "TNULL%d", i + 1); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25829:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tnull, "TNULL%d", i + 1); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25898:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tnull, "TNULL%d", i + 1); data/cpl-7.1.2+dfsg/cplcore/cpl_test.c:506:23: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy(logfile + (1 + dotpos - filename), "log"); data/cpl-7.1.2+dfsg/cplcore/cpl_test.c:3104:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * stream = fopen(file, "r"); data/cpl-7.1.2+dfsg/cplcore/cpl_test.c:3107:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[CPL_MAX_MSG_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/cpl_tools.c:547:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self, csrc + rowsize * (size_t)(lly-1), data/cpl-7.1.2+dfsg/cplcore/cpl_tools.c:565:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cself, csrc, rowsize); data/cpl-7.1.2+dfsg/cplcore/cpl_tools.c:635:64: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void * (*myshift)(void *, const void *, size_t) = dy ? memcpy : memmove; data/cpl-7.1.2+dfsg/cplcore/cpl_tools.c:653:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(prdest, prsrc, srmove); data/cpl-7.1.2+dfsg/cplcore/cpl_tools.h:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stack[CPL_IFALLOC_SZ]; data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:290:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). in = fopen(filename, "r"); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:296:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:702:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(destination->data, source->data, data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1161:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, self->data, irem * sizeof(*copy)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1163:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self->data + ishift, copy, irem * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1169:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, self->data + irem, ishift * sizeof(*copy)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1171:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self->data, copy, ishift * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1181:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data + ishift, other->data, irem * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1182:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, other->data + irem, ishift * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1185:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self->data, other->data, (size_t)n * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1432:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out->data, &(v->data[istart]), (size_t)out->size * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector.c:1615:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(darr, v->data, (size_t)v->size * sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/cpl_vector_fit_impl.h:905:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. a_keep = memcpy(a_data, a_da, (size_t)M * sizeof(*a_data)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_array-test.c:65:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_bivector-test.c:149:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f_out = fopen(filename, "w"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:114:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[CPL_ERROR_MAX_MESSAGE_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter-test.c:365:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(dest, sour, nx*ny*sizeof(double)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter-test.c:374:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(dest, sour, nx*ny*sizeof(float)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter-test.c:382:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(dest, sour, nx*ny*sizeof(int)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter_body.h:81:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out, in, (Ry*Nx+Rx)*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter_body.h:92:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out-Rx, in + y * Nx - Rx, 2*Rx*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter_body.h:108:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out + Nx-Rx, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_filter_body.h:116:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out, in + y * Nx, Ry*Nx*sizeof(*out)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_basic-test.c:1246:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(memcpy(cpl_image_get_data_int(ref), buf9, 9*sizeof(int)), data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_basic-test.c:1250:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(memcpy(cpl_image_get_data_int(raw), rot9, 9*sizeof(int)), data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_io-test.c:75:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_iqe-test.c:61:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_image_resample-test.c:85:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_imagelist_io-test.c:82:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:119:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:782:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_nonnull(memcpy(cpl_mask_get_data(raw), buf9, 9*sizeof(cpl_binary))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:862:30: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_nonnull(memcpy(cpl_mask_get_data(raw), data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:873:30: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_nonnull(memcpy(cpl_mask_get_data(raw), data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:915:30: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_nonnull(memcpy(cpl_mask_get_data(raw), data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2123:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(datain, dataout, nx * ny * sizeof(cpl_binary)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(datain, dataout, nx * ny * sizeof(cpl_binary)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2365:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self, other, hx + hy * nx); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2378:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self - hx, other - hx + hy * nx, 2 * hx); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2402:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self - hx, other - hx + hy * nx, hx + hy * nx); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2443:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self, other, hx + hy * nx); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2456:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self - hx, other - hx + hy * nx, 2 * hx); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_mask-test.c:2480:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(self - hx, other - hx + hy * nx, hx + hy * nx); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_matrix-test.c:223:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_median-test.c:287:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(datacopy, data, sizeof(double)*n); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_median-test.c:303:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(datacopy, data, sizeof(double)*n); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_median-test.c:345:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(original, data, sizeof(double)*n); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_median-test.c:351:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, original, sizeof(double)*n); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_median-test.c:362:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(datacopy, data, sizeof(double)*n); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_msg-test.c:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[STR_LENGTH+1]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_msg-test.c:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char toolong[CPL_MAX_MSG_LENGTH]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_polynomial-test.c:163:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_polynomial-test.c:2519:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* sfilei = fopen(is_debug ? filei : "/dev/null", "w"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_polynomial-test.c:2522:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* sfile0 = fopen(is_debug ? file0 : "/dev/null", "w"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_polynomial-test.c:2525:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* sfile1 = fopen(is_debug ? file1 : "/dev/null", "w"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_polynomial-test.c:2528:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* sfilep = fopen(is_debug ? filep : "/dev/null", "w"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_polynomial-test.c:2618:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* sfile = fopen(is_debug ? file : "/dev/null", "w"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_property-test.c:91:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:235:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stringarray[FLEN_VALUE]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:265:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_stats-test.c:161:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[80]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:252:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *scheck[25]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:254:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *names[2]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:397:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Writing to row %d of the Float column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:406:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Writing to row %d of the CFloat column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:443:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:448:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Setting array at position %d of the AInt column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:457:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Getting array %d of the AInt column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:461:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:473:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:478:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Setting array at position %d of the ALongLong column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:487:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Getting array %d of the ALongLong column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:491:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:503:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:508:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:518:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Getting array %d of the AFloat column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:522:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:536:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:541:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:551:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Getting array %d of the CAFloat column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:555:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:569:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:574:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:582:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Getting array %d of the ADouble column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:586:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:601:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:606:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:615:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Getting array %d of the CADouble column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:619:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:2767:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Writing to row %d of the \"Sequence\" column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:2892:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[80]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:2907:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:3722:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %d of result column... ", i); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5397:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[80]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5398:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *names[2]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5436:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5462:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5526:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5570:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5782:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[80]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5804:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5810:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5870:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_table-test.c:5925:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Check element %" CPL_SIZE_FORMAT data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test-test.c:486:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(CPL_TEST_FITS_NAME, "w"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test_init-test.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char generated_filename[1024]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:76:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:97:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:104:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:110:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:118:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:127:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:137:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:149:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(c15, memcpy(c15, p15, sizeof(p15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:164:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cf15, memcpy(cf15, pf15, sizeof(pf15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:177:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cf15, memcpy(cf15, pf15, sizeof(pf15))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:298:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cd, memcpy(cd, dd, n * sizeof(*dd))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:303:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cd, memcpy(cd, dd, n * sizeof(*dd))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:310:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cf, memcpy(cf, df, n * sizeof(*df))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:315:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cf, memcpy(cf, df, n * sizeof(*df))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:322:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(ci, memcpy(ci, di, n * sizeof(*di))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:327:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(ci, memcpy(ci, di, n * sizeof(*di))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:398:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cd, memcpy(cd, dd, n * sizeof(*dd))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:404:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cf, memcpy(cf, df, n * sizeof(*df))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:410:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(ci, memcpy(ci, di, n * sizeof(*di))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:484:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cd, memcpy(cd, dd, n * sizeof(*dd))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:491:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cd, memcpy(cd, dd, n * sizeof(*dd))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:501:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cf, memcpy(cf, df, n * sizeof(*df))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:508:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(cf, memcpy(cf, df, n * sizeof(*df))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:517:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(ci, memcpy(ci, di, n * sizeof(*di))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_tools-test.c:524:29: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(ci, memcpy(ci, di, n * sizeof(*di))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:87:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[1024]; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:93:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). getenv("OMP_NUM_THREADS") ? atoi(getenv("OMP_NUM_THREADS")) : data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:101:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:303:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(filename, "cpl_vector_dump.txt"); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:305:31: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cpl_test_nonnull( f_out = fopen(filename, "w") ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:952:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int nvalarray = atoi(getenv("CPL_VALARRAY_SIZE")); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_vector-test.c:1085:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[81]; data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cval[FLEN_VALUE]; data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1723:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1758:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5sum[MD5HASHSZ + 1]; data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1866:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char digest[(MD5HASHSZ)>>1]; data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1957:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. nsize = sprintf(md5sum, data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:1980:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(md5sum, "d41d8cd98f00b204e9800998ecf8427e", data/cpl-7.1.2+dfsg/cpldfs/cpl_dfs.c:2124:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). paf = fopen(filename, "w"); data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:580:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_s, &value[1], length - 2); data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:1874:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self->_m_naxis, other->_m_naxis, sz); data/cpl-7.1.2+dfsg/cpldfs/md5.c:117:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, len); data/cpl-7.1.2+dfsg/cpldfs/md5.c:120:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, t); data/cpl-7.1.2+dfsg/cpldfs/md5.c:129:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->in, buf, 64); data/cpl-7.1.2+dfsg/cpldfs/md5.c:138:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->in, buf, len); data/cpl-7.1.2+dfsg/cpldfs/md5.c:182:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(ctx->in + 56, ctx->bits, 8); data/cpl-7.1.2+dfsg/cpldfs/md5.c:186:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(digest, ctx->buf, 16); data/cpl-7.1.2+dfsg/cpldfs/md5.h:28:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char in[64]; data/cpl-7.1.2+dfsg/cpldfs/tests/cpl_dfs-test.c:943:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * stream = fopen(self, "w"); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:898:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(swap, sorted_apert, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:899:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sorted_apert, self, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:900:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self, swap, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:980:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(swap, sorted_apert, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:981:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sorted_apert, self, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:982:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self, swap, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:1062:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(swap, sorted_apert, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:1063:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sorted_apert, self, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_apertures.c:1064:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self, swap, sizeof(cpl_apertures)); data/cpl-7.1.2+dfsg/cpldrs/cpl_detector_body.h:72:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(bpmcopy + (doit - bpm), doit, data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:136:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(in_bt, in_b, nxin * sizeof(CPL_FFTW_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:145:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_b, *pbufout, nxin * sizeof(CPL_FFTW_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:193:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(in_bt, in_b, nxin * sizeof(CPL_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:209:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out_bj, out_bhj, nxh * sizeof(*out_bj)); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:215:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(out_b, out_bt, nxh * sizeof(CPL_FFTW_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:286:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(in_bt, in_b, nxin * sizeof(CPL_FFTW_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:295:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_b, *pbufout, nxin * sizeof(CPL_FFTW_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:342:27: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(in_bhj, in_bj, nxh * sizeof(*in_bhj)); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:348:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(*pbufin, in_b, nxh * sizeof(CPL_FFTW_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_fft_body.h:356:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_b, *pbufout, nxout * sizeof(CPL_TYPE) * nyin); data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:336:23: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(naxd, "%d", i); /* Cannot overflow buffer */ data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:831:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(med_work, xi_work, (size_t)n * sizeof(double)); data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:832:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(med_work + n, eta_work, (size_t)n * sizeof(double)); data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:961:40: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. const int keylen = sprintf(cd, "CD%1d_%1d", i, j); data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:2051:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keybuf[162], keyname[FLEN_KEYWORD], *headptr; data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:2088:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(keybuf, data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:2120:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(headptr, data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_apertures-test.c:119:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fit-test.c:119:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fit-test.c:1000:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *p[7] = { /* Parameter names */ data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fit-test.c:1027:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *fp[3] = { /* Physical parameter names */ data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fit-test.c:1613:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(memcpy(cpl_vector_get_data(vcopy), data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fit-test.c:1819:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(memcpy(image_data, values, image_bytes), image_data); data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_fit-test.c:2011:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. cpl_test_eq_ptr(memcpy(image_data, values[i], image_bytes), image_data); data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_photom-test.c:116:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftrans = fopen("planck1.txt", "w"); data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_photom-test.c:148:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftrans = fopen("planck2.txt", "w"); data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c:51:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *skeys[NSK] = {"CTYPE1", "CTYPE2"}; data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c:52:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *skeys_tab[NSK] = {"TCTYP3","TCTYP5"}; data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c:54:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *dkeys[NDK] = {"CRVAL1", "CRVAL2", "CRPIX1", "CRPIX2", data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c:57:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *dkeys_tab[NDK] = {"TCRVL3","TCRVL5","TCRPX3","TCRPX5", data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c:61:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *ikeys[NIK] = {"NAXIS","NAXIS1","NAXIS2"}; data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c:64:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *svals[NSK] = {"RA---ZPN", "DEC--ZPN"}; data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wcs-test.c:71:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *svals2[NSK] = {"RA---ZPN", "DEC--ZPN"}; data/cpl-7.1.2+dfsg/cpldrs/tests/cpl_wlcalib-test.c:123:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cpljava/cpl_gasgano.c:1908:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, ¶m, ptrsz); data/cpl-7.1.2+dfsg/cplui/tests/cpl_frame-test.c:213:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). out = fopen(filename2, "w"); data/cpl-7.1.2+dfsg/cplui/tests/cpl_frameset-test.c:184:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). out = fopen(filename1, "w"); data/cpl-7.1.2+dfsg/cplui/tests/cpl_plugin-test.c:83:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/cplui/tests/cpl_recipedefine-test.c:115:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ? fopen("/dev/null", "a") : stdout; data/cpl-7.1.2+dfsg/libcext/cext/cxdeque.c:87:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&_members[deque->front], deque->members, data/cpl-7.1.2+dfsg/libcext/cext/cxdeque.c:124:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&_members[deque->front], &deque->members[deque->front], data/cpl-7.1.2+dfsg/libcext/cext/cxdeque.c:595:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&deque->members[position], &other->members[first], data/cpl-7.1.2+dfsg/libcext/cext/cxdeque.c:646:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&deque->members[position], &other->members[first], data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:336:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "ERROR"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:341:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "CRITICAL"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:346:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "WARNING"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:351:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "Message"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:356:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "INFO"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:360:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "DEBUG"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:365:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "LOG-"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:370:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "LOG"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:375:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(prefix, " (recursed)"); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:378:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(prefix, " **"); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:1160:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, self->data, self->sz); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:1166:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, self->data, size); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:1213:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, self->data, self->sz); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:1365:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str, self->data + pos, len); data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:140:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, string, sz); data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:529:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, string, n); data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:971:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconvert[MAX_CONVERT_LENGTH]; data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:1076:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconvert[MAX_CONVERT_LENGTH]; data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:1077:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fconvert[MAX_CONVERT_LENGTH]; data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:1078:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char econvert[4]; /* "e-12" (without nul-termination). */ data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:2033:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[1024], buf2[1024]; data/cpl-7.1.2+dfsg/libcext/cext/snprintf.c:2088:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(buf1, "%.1f", value); data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__dirent.h:65:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[LT_FILENAME_MAX]; data/cpl-7.1.2+dfsg/libltdl/loaders/dyld.c:326:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char saveError[256] = "Symbol not found"; data/cpl-7.1.2+dfsg/libltdl/loaders/loadlibrary.c:139:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wpath[MAX_PATH]; data/cpl-7.1.2+dfsg/libltdl/lt__alloc.c:87:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return memcpy (newmem, mem, n); data/cpl-7.1.2+dfsg/libltdl/lt__argz.c:69:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (argz + *pargz_len, buf, buf_len); data/cpl-7.1.2+dfsg/libltdl/lt__argz.c:166:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (before, entry, entry_len); data/cpl-7.1.2+dfsg/libltdl/lt__dirent.c:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_spec[LT_FILENAME_MAX]; data/cpl-7.1.2+dfsg/libltdl/lt_error.c:36:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char error_strings[LT_ERROR_MAX][LT_ERROR_LEN_MAX + 1] = data/cpl-7.1.2+dfsg/libltdl/ltdl.c:756:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((*pfile = fopen (filename, LT_READTEXT_MODE))) data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1023:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, &str[1], (end - str) - 1); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1383:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen (attempt, LT_READTEXT_MODE); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2016:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lsym[LT_SYMBOL_LENGTH]; data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2071:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(sym, "_LTX_"); data/cpl-7.1.2+dfsg/cplcore/cpl_array.c:5364:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label_len[j] = field_size[j] = strlen("Array"); data/cpl-7.1.2+dfsg/cplcore/cpl_error.c:362:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const cpl_boolean has_name = wcsfunction && strlen(wcsfunction); data/cpl-7.1.2+dfsg/cplcore/cpl_error.c:469:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(error->msg) ? error->msg data/cpl-7.1.2+dfsg/cplcore/cpl_error.c:854:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(error->function, function, MAX_NAME_LENGTH); data/cpl-7.1.2+dfsg/cplcore/cpl_error.c:861:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(error->file, file, MAX_FILE_LENGTH); data/cpl-7.1.2+dfsg/cplcore/cpl_image_io.c:2582:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int msgmin = (int)(strlen(CPL_MSG) - 2 - 3 * strlen(CPL_SIZE_FORMAT)); data/cpl-7.1.2+dfsg/cplcore/cpl_image_io.c:2582:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int msgmin = (int)(strlen(CPL_MSG) - 2 - 3 * strlen(CPL_SIZE_FORMAT)); data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:800:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int msgmin = (int)strlen(CPL_MSG) - 5; data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:812:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int imsgmin = (int)strlen(CPL_IMSG) - 5; data/cpl-7.1.2+dfsg/cplcore/cpl_imagelist_io.c:855:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int imsgmin = (int)strlen(CPL_IMSG) - 5; data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.c:41:32: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. int *qulimited, double *ulimit, data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.c:993:44: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. int *qulimited, double *ulimit, data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.c:1147:16: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. qulimited && ulimit && qulimited[j] && data/cpl-7.1.2+dfsg/cplcore/cpl_mpfit.c:1148:12: [1] (obsolete) ulimit: This C routine is considered obsolete (as opposed to the shell command by the same name, which is NOT obsolete) (CWE-676). Use getrlimit(2), setrlimit(2), and sysconf(3) instead. (temp > (ulimit[j]-h)))) { data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:269:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(_timestamp, "0000-00-00T00:00:00", TIME_ISO8601_LENGTH); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:292:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(timestamp, _timestamp, TIME_ISO8601_LENGTH); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:562:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg_log, msg_timestamp, 10); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:565:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg_term, msg_timestamp, 10); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:579:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_log, ERROR_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:580:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:581:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, ERROR_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:582:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:585:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_log, WARNING_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:586:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:587:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, WARNING_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:588:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:591:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_log, INFO_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:592:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:593:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, INFO_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:594:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:597:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_log, DEBUG_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:598:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:599:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, DEBUG_STRING, data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:600:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:609:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, domain, CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:609:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_term, domain, CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:610:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(msg_term, ": ", CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:610:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_term, ": ", CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:614:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, component, CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:614:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_term, component, CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:615:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(msg_term, ": ", CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:615:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_term, ": ", CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:618:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_log, component, CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:618:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_log, component, CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:619:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(msg_log, ": ", CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:619:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_log, ": ", CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:629:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_log, tid, CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:629:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_log, tid, CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:631:8: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, tid, CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:631:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_term, tid, CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:641:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg_log, " ", CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:641:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_log, " ", CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:642:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(msg_term, " ", CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:642:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(msg_term, " ", CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:646:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). start_log_line = strlen(msg_log); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:647:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). start_term_line = strlen(msg_term); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:655:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). copy_only = CPL_MAX_MSG_LENGTH - strlen(msg_log) - 1; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:656:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_log, msg_text, copy_only); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:657:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). copy_only = CPL_MAX_MSG_LENGTH - strlen(msg_term) - 1; data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:658:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(msg_term, msg_text, copy_only); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:1067:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > CPL_MAX_LOGFILE_NAME - 1) data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:1071:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name, (unsigned)strlen(name)); data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:1410:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) >= CPL_MAX_DOMAIN_NAME) { data/cpl-7.1.2+dfsg/cplcore/cpl_msg.c:1411:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(domain, name, CPL_MAX_DOMAIN_NAME); data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:525:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (options == NULL || strlen(options) < 1) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:536:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (myoptions == NULL || strlen(myoptions) < 1) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:642:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (options == NULL || strlen(options) < 1) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:663:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (myoptions == NULL || strlen(myoptions) < 1) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:814:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (useoptions == NULL || strlen(useoptions) < 1) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:937:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (useoptions == NULL || strlen(useoptions) < 1) { data/cpl-7.1.2+dfsg/cplcore/cpl_plot.c:1535:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (cmd == NULL || strlen(cmd) == 0) return CPL_ERROR_NONE; data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:423:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). self = cpl_property_new_(name, type, 1, strlen(name)); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:489:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). self = cpl_property_new_(name, type, size, strlen(name)); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:569:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t size = 1 + strlen(other->name); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:582:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t size = 1 + strlen(other->comment); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:629:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 1 + strlen(self->comment), data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:651:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 1 + strlen(self->name), self->name, data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:806:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t oldsize = 1 + strlen(self->name); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:880:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxstr = CXSTR(name, strlen(name)); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:942:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t oldsize = 1 + strlen(self->comment); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1013:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxstr = CXSTR(comment, comment ? strlen(comment) : 0); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:1517:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxstr = CXSTR(value, strlen(value)); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:2499:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t size = self->nsize > 0 ? self->nsize : 1 + strlen(self->name); data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:2637:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). : strlen(self->name); /* Name not in container. :-( */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:2652:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). : strlen(self->comment); /* Comment not in container. :-( */ data/cpl-7.1.2+dfsg/cplcore/cpl_property.c:2752:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t allocsz = string ? strlen(string) : 0; data/cpl-7.1.2+dfsg/cplcore/cpl_property_impl.h:40:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define CXSTR(STRING, SIZE) ((size_t)(SIZE) == ((STRING) ? strlen(STRING) : 0) \ data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:574:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxstr = CXSTR(name, name ? strlen(name) : 0); data/cpl-7.1.2+dfsg/cplcore/cpl_propertylist.c:1232:27: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(shortcomment, comment, FLEN_COMMENT-1); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:194:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz = CPL_MAX(sz, strlen(s[i])); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:10586:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(cpl_column_get_name(table->columns[j])); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25229:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(sdata[j]) > field_size) { data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25230:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). field_size = strlen(sdata[j]); data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25517:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(sdata[j]) > field_size) data/cpl-7.1.2+dfsg/cplcore/cpl_table.c:25518:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). field_size = strlen(sdata[j]); data/cpl-7.1.2+dfsg/cplcore/cpl_test.c:522:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). logfile[strlen(logfile)-strlen(".log")] = '\0'; data/cpl-7.1.2+dfsg/cplcore/cpl_test.c:522:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). logfile[strlen(logfile)-strlen(".log")] = '\0'; data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:69:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:70:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:77:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:78:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:85:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:86:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:93:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:94:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:100:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:101:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:107:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:108:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:140:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, cpl_error_get_message(), CPL_ERROR_MAX_MESSAGE_LENGTH); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:143:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test( strlen(msg) > 0 ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:178:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:179:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:202:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:203:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:214:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test( strlen(msg) > strlen(cpl_error_get_message()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:214:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test( strlen(msg) > strlen(cpl_error_get_message()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:231:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test( strlen(msg) > strlen(cpl_error_get_message()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:231:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test( strlen(msg) > strlen(cpl_error_get_message()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:245:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test( strlen(msg) > strlen(cpl_error_get_message()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:245:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test( strlen(msg) > strlen(cpl_error_get_message()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:255:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_error-test.c:256:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_errorstate-test.c:308:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_file()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_errorstate-test.c:309:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_test_zero( strlen(cpl_error_get_function()) ); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_memory-test.c:343:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t stringlen = strlen(string); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_property-test.c:249:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((cpl_size)strlen(strings[i]) + 1)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:392:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(cpl_property_get_comment(p2)))); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:1944:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value = strlen(strval); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:2044:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value = strlen(strval); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_propertylist-test.c:2059:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value = strlen(strval); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test_init-test.c:76:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(logname)+1-total_written); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test_init-test.c:79:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } while (total_written != (ssize_t)(strlen(logname)+1)); data/cpl-7.1.2+dfsg/cplcore/tests/cpl_test_init-test.c:257:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read = read(pipefd[0], generated_filename + total_read, data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:417:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxsize length = strlen(name); data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:460:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > 8) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:466:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxint padding = 8 - strlen(name); data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:514:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(keyname) == 0) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:518:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(keyname) >= FLEN_KEYWORD) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:522:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (value && (strlen(value) >= FLEN_VALUE)) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:526:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (comment && (strlen(comment) >= FLEN_COMMENT)) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:532:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxbool has_comment = (comment != NULL) && (strlen(comment) > 0); data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:568:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxsize length = strlen(value); data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:795:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (record && (strlen(record) < FLEN_CARD)) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:836:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(record) >= FLEN_CARD) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:2478:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((td[i] != NULL) && (strlen(td[i]) > 0)) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:2491:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((_self->_m_theap != NULL) && (strlen(_self->_m_theap) > 0)) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:3214:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((self->_m_name != NULL) && (strlen(self->_m_name) > 0)) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:3568:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((_prefix == NULL) || (strlen(_prefix) == 0)) { data/cpl-7.1.2+dfsg/cpldfs/cpl_multiframe.c:4456:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > 0) { data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:941:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(outstr, o, (size_t)i * 80); data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:943:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(outstr,endcard,79); data/cpl-7.1.2+dfsg/cpldrs/cpl_wcs.c:2092:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(keyname, keybuf, 8); /* copy the keyword name */ data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:167:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = p + strlen(p); data/cpl-7.1.2+dfsg/libcext/cext/cxmessages.c:238:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return write(fd, string, strlen(string)); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:111:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). self->sz = strlen(self->data); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:151:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string->sz = (cxsize) strlen(tmp); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:180:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(self->data, tmp, strlen((cxchar*)tmp) + 1); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:607:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lv = (cxsize) strlen(data); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:612:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, data, lv); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:613:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp + lv, self->data, self->sz); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:659:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lv = (cxsize) strlen(data); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:664:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, self->data, self->sz); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:665:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp + self->sz, data, lv); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:711:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxsize vl = (cxsize)strlen(data); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:715:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, self->data, position); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:716:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp + position, data, vl); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:717:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp + position + vl, self->data + position, data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:783:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, self->data, position); data/cpl-7.1.2+dfsg/libcext/cext/cxstring.c:784:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp + position, self->data + position + length, data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:89:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(string, t, strlen((cxchar *)t) + 1); data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:115:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). t = string + strlen(string) - 1; data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:138:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz = strlen(string) + 1; data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:677:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cxsize sz = strlen(delimiter); data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:686:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(token, remainder, length); data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:756:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz = 1 + strlen(sarray[0]); data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:760:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz += strlen(sarray[i]); data/cpl-7.1.2+dfsg/libcext/cext/cxstrutils.c:764:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz += strlen(separator) * (i - 1); data/cpl-7.1.2+dfsg/libcext/tests/cxlist-test.c:676:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; (cxsize)i < strlen(letters); i++) { data/cpl-7.1.2+dfsg/libcext/tests/cxlist-test.c:690:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_list_size(list) == (strlen(letters) - 1)); data/cpl-7.1.2+dfsg/libcext/tests/cxmap-test.c:131:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxslist-test.c:662:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; (cxsize)i < strlen(letters); i++) { data/cpl-7.1.2+dfsg/libcext/tests/cxslist-test.c:676:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_slist_size(list) == (strlen(letters) - 1)); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:223:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:244:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:298:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:304:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:315:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:331:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:338:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_tree_size(tree) == strlen(letters) - 10); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:350:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:366:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert((cx_tree_size(tree) == strlen(letters) - 26)); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:378:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:392:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert((cx_tree_size(tree) == strlen(letters) - 26)); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:405:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:434:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 26; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:437:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_tree_size(tree) == strlen(letters)); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:450:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:480:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:491:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) { data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:522:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) { data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:540:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(*((cxchar *)data) == letters[strlen(letters) - i - 1]); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:574:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:578:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_tree_size(tree) == (5 * strlen(letters))); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:600:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(letters); i++) data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:623:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_tree_size(tree) == (5 * strlen(letters) - 1)); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:638:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_tree_size(tree) == (5 * (strlen(letters) - 3))); data/cpl-7.1.2+dfsg/libcext/tests/cxtree-test.c:654:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cx_assert(cx_tree_size(tree) == (5 * (strlen(letters) - 4))); data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__dirent.h:46:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define D_NAMLEN(dirent) (strlen((dirent)->d_name)) data/cpl-7.1.2+dfsg/libltdl/libltdl/lt__dirent.h:54:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define D_NAMLEN(dirent) (strlen((dirent)->d_name)) data/cpl-7.1.2+dfsg/libltdl/loaders/dlopen.c:222:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *attempt = MALLOC (char, len + strlen (member) + 1); data/cpl-7.1.2+dfsg/libltdl/loaders/loadlibrary.c:179:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (wpath); data/cpl-7.1.2+dfsg/libltdl/lt__alloc.c:95:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (char *) lt__memdup (string, strlen (string) +1); data/cpl-7.1.2+dfsg/libltdl/lt__argz.c:91:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). argz_len = 1+ strlen (str); data/cpl-7.1.2+dfsg/libltdl/lt__argz.c:141:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return argz_append (pargz, pargz_len, entry, 1+ strlen (entry)); data/cpl-7.1.2+dfsg/libltdl/lt__argz.c:150:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t entry_len = 1+ strlen (entry); data/cpl-7.1.2+dfsg/libltdl/lt__dirent.c:101:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entry->file_info.d_namlen = strlen (entry->file_info.d_name); data/cpl-7.1.2+dfsg/libltdl/lt__strl.c:61:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length=strlen(dst); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1293:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). archive_name = MALLOC (char, strlen (libprefix) + LT_STRLEN (name) + strlen (libext) + 2); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1293:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). archive_name = MALLOC (char, strlen (libprefix) + LT_STRLEN (name) + strlen (libext) + 2); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1731:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). error = argz_append (pargz, pargz_len, entry, 1 + strlen (entry)); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1821:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (buf, "/"); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:1822:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat (buf, dp->d_name, end_offset); data/cpl-7.1.2+dfsg/libltdl/ltdl.c:2166:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert ((int) (before - *ppath) <= (int) strlen (*ppath)); data/cpl-7.1.2+dfsg/libltdl/ltdl.h:44:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define LT_STRLEN(s) (((s) && (s)[0]) ? strlen (s) : 0) ANALYSIS SUMMARY: Hits = 815 Lines analyzed = 252432 in approximately 6.02 seconds (41942 lines/second) Physical Source Lines of Code (SLOC) = 132569 Hits@level = [0] 343 [1] 225 [2] 468 [3] 29 [4] 93 [5] 0 Hits@level+ = [0+] 1158 [1+] 815 [2+] 590 [3+] 122 [4+] 93 [5+] 0 Hits/KSLOC@level+ = [0+] 8.73507 [1+] 6.14774 [2+] 4.45051 [3+] 0.920275 [4+] 0.701521 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.