Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/dar-2.6.13/misc/todos.c Examining data/dar-2.6.13/misc/Args/args.c Examining data/dar-2.6.13/src/libdar/cat_signature.cpp Examining data/dar-2.6.13/src/libdar/cat_nomme.hpp Examining data/dar-2.6.13/src/libdar/archive_summary.hpp Examining data/dar-2.6.13/src/libdar/compression.cpp Examining data/dar-2.6.13/src/libdar/tuyau.hpp Examining data/dar-2.6.13/src/libdar/header_version.hpp Examining data/dar-2.6.13/src/libdar/filesystem_tools.cpp Examining data/dar-2.6.13/src/libdar/trivial_sar.hpp Examining data/dar-2.6.13/src/libdar/fsa_family.cpp Examining data/dar-2.6.13/src/libdar/candidates.hpp Examining data/dar-2.6.13/src/libdar/statistics.cpp Examining data/dar-2.6.13/src/libdar/generic_file_overlay_for_gpgme.hpp Examining data/dar-2.6.13/src/libdar/tronconneuse.cpp Examining data/dar-2.6.13/src/libdar/archive_listing_callback.hpp Examining data/dar-2.6.13/src/libdar/entrepot_libcurl.cpp Examining data/dar-2.6.13/src/libdar/compile_time_features.hpp Examining data/dar-2.6.13/src/libdar/cat_blockdev.cpp Examining data/dar-2.6.13/src/libdar/cat_delta_signature.cpp Examining data/dar-2.6.13/src/libdar/sar.cpp Examining data/dar-2.6.13/src/libdar/gf_mode.cpp Examining data/dar-2.6.13/src/libdar/user_interaction_blind.hpp Examining data/dar-2.6.13/src/libdar/int_tools.cpp Examining data/dar-2.6.13/src/libdar/erreurs.cpp Examining data/dar-2.6.13/src/libdar/cat_blockdev.hpp Examining data/dar-2.6.13/src/libdar/generic_rsync.cpp Examining data/dar-2.6.13/src/libdar/ea_filesystem.hpp Examining data/dar-2.6.13/src/libdar/nls_swap.hpp Examining data/dar-2.6.13/src/libdar/tools.hpp Examining data/dar-2.6.13/src/libdar/entree_stats.cpp Examining data/dar-2.6.13/src/libdar/wrapperlib.cpp Examining data/dar-2.6.13/src/libdar/fsa_family.hpp Examining data/dar-2.6.13/src/libdar/fichier_libcurl.cpp Examining data/dar-2.6.13/src/libdar/macro_tools.cpp Examining data/dar-2.6.13/src/libdar/database_header.hpp Examining data/dar-2.6.13/src/libdar/libdar_slave.cpp Examining data/dar-2.6.13/src/libdar/fichier_local.cpp Examining data/dar-2.6.13/src/libdar/user_interaction.hpp Examining data/dar-2.6.13/src/libdar/cat_ignored.cpp Examining data/dar-2.6.13/src/libdar/compressor.hpp Examining data/dar-2.6.13/src/libdar/compression.hpp Examining data/dar-2.6.13/src/libdar/erreurs.hpp Examining data/dar-2.6.13/src/libdar/data_tree.hpp Examining data/dar-2.6.13/src/libdar/filesystem_tools.hpp Examining data/dar-2.6.13/src/libdar/memory_file.cpp Examining data/dar-2.6.13/src/libdar/archive_options.hpp Examining data/dar-2.6.13/src/libdar/generic_file_overlay_for_gpgme.cpp Examining data/dar-2.6.13/src/libdar/tronconneuse.hpp Examining data/dar-2.6.13/src/libdar/sar_tools.cpp Examining data/dar-2.6.13/src/libdar/fichier_libcurl.hpp Examining data/dar-2.6.13/src/libdar/slave_thread.cpp Examining data/dar-2.6.13/src/libdar/filesystem_hard_link_write.cpp Examining data/dar-2.6.13/src/libdar/entrepot.cpp Examining data/dar-2.6.13/src/libdar/sparse_file.hpp Examining data/dar-2.6.13/src/libdar/real_infinint.hpp Examining data/dar-2.6.13/src/libdar/elastic.cpp Examining data/dar-2.6.13/src/libdar/fichier_global.cpp Examining data/dar-2.6.13/src/libdar/user_interaction_callback5.hpp Examining data/dar-2.6.13/src/libdar/erreurs_ext.cpp Examining data/dar-2.6.13/src/libdar/mycurl_easyhandle_node.cpp Examining data/dar-2.6.13/src/libdar/etage.hpp Examining data/dar-2.6.13/src/libdar/crypto_sym.hpp Examining data/dar-2.6.13/src/libdar/user_interaction5.cpp Examining data/dar-2.6.13/src/libdar/trontextual.hpp Examining data/dar-2.6.13/src/libdar/filesystem_restore.cpp Examining data/dar-2.6.13/src/libdar/tlv.cpp Examining data/dar-2.6.13/src/libdar/entrepot_libcurl5.hpp Examining data/dar-2.6.13/src/libdar/cat_lien.cpp Examining data/dar-2.6.13/src/libdar/hash_fichier.cpp Examining data/dar-2.6.13/src/libdar/escape_catalogue.cpp Examining data/dar-2.6.13/src/libdar/messaging.cpp Examining data/dar-2.6.13/src/libdar/cat_entree.hpp Examining data/dar-2.6.13/src/libdar/cache_global.hpp Examining data/dar-2.6.13/src/libdar/trontextual.cpp Examining data/dar-2.6.13/src/libdar/cat_entree.cpp Examining data/dar-2.6.13/src/libdar/cat_delta_signature.hpp Examining data/dar-2.6.13/src/libdar/mask_list.hpp Examining data/dar-2.6.13/src/libdar/cat_eod.hpp Examining data/dar-2.6.13/src/libdar/filtre.hpp Examining data/dar-2.6.13/src/libdar/list_entry.hpp Examining data/dar-2.6.13/src/libdar/datetime.hpp Examining data/dar-2.6.13/src/libdar/shell_interaction.cpp Examining data/dar-2.6.13/src/libdar/cat_status.hpp Examining data/dar-2.6.13/src/libdar/cat_all_entrees.hpp Examining data/dar-2.6.13/src/libdar/entrepot_local.cpp Examining data/dar-2.6.13/src/libdar/null_file.hpp Examining data/dar-2.6.13/src/libdar/filesystem_restore.hpp Examining data/dar-2.6.13/src/libdar/cat_file.hpp Examining data/dar-2.6.13/src/libdar/cat_door.hpp Examining data/dar-2.6.13/src/libdar/i_libdar_xform.cpp Examining data/dar-2.6.13/src/libdar/list_entry.cpp Examining data/dar-2.6.13/src/libdar/mem_ui.cpp Examining data/dar-2.6.13/src/libdar/cat_detruit.cpp Examining data/dar-2.6.13/src/libdar/crit_action.cpp Examining data/dar-2.6.13/src/libdar/erreurs_ext.hpp Examining data/dar-2.6.13/src/libdar/cat_ignored_dir.cpp Examining data/dar-2.6.13/src/libdar/crypto.hpp Examining data/dar-2.6.13/src/libdar/cache.cpp Examining data/dar-2.6.13/src/libdar/archive_summary.cpp Examining data/dar-2.6.13/src/libdar/cygwin_adapt.hpp Examining data/dar-2.6.13/src/libdar/ea_filesystem.cpp Examining data/dar-2.6.13/src/libdar/smart_pointer.hpp Examining data/dar-2.6.13/src/libdar/database_header.cpp Examining data/dar-2.6.13/src/libdar/wrapperlib.hpp Examining data/dar-2.6.13/src/libdar/semaphore.hpp Examining data/dar-2.6.13/src/libdar/cat_prise.cpp Examining data/dar-2.6.13/src/libdar/i_entrepot_libcurl.hpp Examining data/dar-2.6.13/src/libdar/cat_tube.cpp Examining data/dar-2.6.13/src/libdar/user_interaction_callback5.cpp Examining data/dar-2.6.13/src/libdar/cat_mirage.hpp Examining data/dar-2.6.13/src/libdar/slave_zapette.hpp Examining data/dar-2.6.13/src/libdar/defile.hpp Examining data/dar-2.6.13/src/libdar/entrepot_libcurl.hpp Examining data/dar-2.6.13/src/libdar/archive.hpp Examining data/dar-2.6.13/src/libdar/real_infinint.cpp Examining data/dar-2.6.13/src/libdar/limitint.hpp Examining data/dar-2.6.13/src/libdar/cat_device.hpp Examining data/dar-2.6.13/src/libdar/mycurl_shared_handle.cpp Examining data/dar-2.6.13/src/libdar/cat_signature.hpp Examining data/dar-2.6.13/src/libdar/cat_chardev.hpp Examining data/dar-2.6.13/src/libdar/terminateur.cpp Examining data/dar-2.6.13/src/libdar/criterium.hpp Examining data/dar-2.6.13/src/libdar/header_version.cpp Examining data/dar-2.6.13/src/libdar/crypto_asym.cpp Examining data/dar-2.6.13/src/libdar/macro_tools.hpp Examining data/dar-2.6.13/src/libdar/user_interaction_callback.hpp Examining data/dar-2.6.13/src/libdar/pile.hpp Examining data/dar-2.6.13/src/libdar/libdar_xform.cpp Examining data/dar-2.6.13/src/libdar/candidates.cpp Examining data/dar-2.6.13/src/libdar/ea.cpp Examining data/dar-2.6.13/src/libdar/i_entrepot_libcurl.cpp Examining data/dar-2.6.13/src/libdar/sar.hpp Examining data/dar-2.6.13/src/libdar/cat_mirage.cpp Examining data/dar-2.6.13/src/libdar/deci.hpp Examining data/dar-2.6.13/src/libdar/datetime.cpp Examining data/dar-2.6.13/src/libdar/slice_layout.cpp Examining data/dar-2.6.13/src/libdar/mask.hpp Examining data/dar-2.6.13/src/libdar/compile_time_features.cpp Examining data/dar-2.6.13/src/libdar/archive_version.cpp Examining data/dar-2.6.13/src/libdar/cat_device.cpp Examining data/dar-2.6.13/src/libdar/shell_interaction_emulator.hpp Examining data/dar-2.6.13/src/libdar/fichier_global.hpp Examining data/dar-2.6.13/src/libdar/slice_layout.hpp Examining data/dar-2.6.13/src/libdar/tuyau.cpp Examining data/dar-2.6.13/src/libdar/contextual.cpp Examining data/dar-2.6.13/src/libdar/archive_options_listing_shell.hpp Examining data/dar-2.6.13/src/libdar/cat_inode.cpp Examining data/dar-2.6.13/src/libdar/header.cpp Examining data/dar-2.6.13/src/libdar/cat_file.cpp Examining data/dar-2.6.13/src/libdar/libdar_slave.hpp Examining data/dar-2.6.13/src/libdar/semaphore.cpp Examining data/dar-2.6.13/src/libdar/archive_options_listing_shell.cpp Examining data/dar-2.6.13/src/libdar/filesystem_backup.cpp Examining data/dar-2.6.13/src/libdar/pile_descriptor.cpp Examining data/dar-2.6.13/src/libdar/filesystem_backup.hpp Examining data/dar-2.6.13/src/libdar/archive5.hpp Examining data/dar-2.6.13/src/libdar/catalogue.hpp Examining data/dar-2.6.13/src/libdar/user_group_bases.hpp Examining data/dar-2.6.13/src/libdar/database5.hpp Examining data/dar-2.6.13/src/libdar/generic_thread.cpp Examining data/dar-2.6.13/src/libdar/data_dir.cpp Examining data/dar-2.6.13/src/libdar/archive5.cpp Examining data/dar-2.6.13/src/libdar/crypto_asym.hpp Examining data/dar-2.6.13/src/libdar/label.cpp Examining data/dar-2.6.13/src/libdar/integers.hpp Examining data/dar-2.6.13/src/libdar/entrepot.hpp Examining data/dar-2.6.13/src/libdar/data_dir.hpp Examining data/dar-2.6.13/src/libdar/zapette.hpp Examining data/dar-2.6.13/src/libdar/crypto_sym.cpp Examining data/dar-2.6.13/src/libdar/memory_file.hpp Examining data/dar-2.6.13/src/libdar/trivial_sar.cpp Examining data/dar-2.6.13/src/libdar/scrambler.hpp Examining data/dar-2.6.13/src/libdar/cat_directory.hpp Examining data/dar-2.6.13/src/libdar/cat_nomme.cpp Examining data/dar-2.6.13/src/libdar/compressor.cpp Examining data/dar-2.6.13/src/libdar/database_options.hpp Examining data/dar-2.6.13/src/libdar/generic_rsync.hpp Examining data/dar-2.6.13/src/libdar/tronc.cpp Examining data/dar-2.6.13/src/libdar/limitint.cpp Examining data/dar-2.6.13/src/libdar/deci.cpp Examining data/dar-2.6.13/src/libdar/cat_etoile.cpp Examining data/dar-2.6.13/src/libdar/secu_string.cpp Examining data/dar-2.6.13/src/libdar/defile.cpp Examining data/dar-2.6.13/src/libdar/database_listing_callback.hpp Examining data/dar-2.6.13/src/libdar/statistics.hpp Examining data/dar-2.6.13/src/libdar/generic_file.cpp Examining data/dar-2.6.13/src/libdar/user_interaction_callback.cpp Examining data/dar-2.6.13/src/libdar/generic_thread.hpp Examining data/dar-2.6.13/src/libdar/archive_num.hpp Examining data/dar-2.6.13/src/libdar/path.hpp Examining data/dar-2.6.13/src/libdar/tools.cpp Examining data/dar-2.6.13/src/libdar/pile_descriptor.hpp Examining data/dar-2.6.13/src/libdar/slave_thread.hpp Examining data/dar-2.6.13/src/libdar/libdar_xform.hpp Examining data/dar-2.6.13/src/libdar/archive_options.cpp Examining data/dar-2.6.13/src/libdar/get_version.cpp Examining data/dar-2.6.13/src/libdar/cache_global.cpp Examining data/dar-2.6.13/src/libdar/i_archive.cpp Examining data/dar-2.6.13/src/libdar/escape_catalogue.hpp Examining data/dar-2.6.13/src/libdar/sar_tools.hpp Examining data/dar-2.6.13/src/libdar/cat_door.cpp Examining data/dar-2.6.13/src/libdar/capabilities.hpp Examining data/dar-2.6.13/src/libdar/mycurl_easyhandle_node.hpp Examining data/dar-2.6.13/src/libdar/archive_options5.hpp Examining data/dar-2.6.13/src/libdar/storage.hpp Examining data/dar-2.6.13/src/libdar/data_tree.cpp Examining data/dar-2.6.13/src/libdar/slave_zapette.cpp Examining data/dar-2.6.13/src/libdar/op_tools.hpp Examining data/dar-2.6.13/src/libdar/database.cpp Examining data/dar-2.6.13/src/libdar/infinint.hpp Examining data/dar-2.6.13/src/libdar/delta_sig_block_size.cpp Examining data/dar-2.6.13/src/libdar/mycurl_shared_handle.hpp Examining data/dar-2.6.13/src/libdar/database.hpp Examining data/dar-2.6.13/src/libdar/user_interaction.cpp Examining data/dar-2.6.13/src/libdar/fichier_local.hpp Examining data/dar-2.6.13/src/libdar/crit_action.hpp Examining data/dar-2.6.13/src/libdar/mem_ui.hpp Examining data/dar-2.6.13/src/libdar/gf_mode.hpp Examining data/dar-2.6.13/src/libdar/filesystem_specific_attribute.hpp Examining data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp Examining data/dar-2.6.13/src/libdar/escape.hpp Examining data/dar-2.6.13/src/libdar/shell_interaction_emulator.cpp Examining data/dar-2.6.13/src/libdar/proto_generic_file.hpp Examining data/dar-2.6.13/src/libdar/op_tools.cpp Examining data/dar-2.6.13/src/libdar/database5.cpp Examining data/dar-2.6.13/src/libdar/tronc.hpp Examining data/dar-2.6.13/src/libdar/mask.cpp Examining data/dar-2.6.13/src/libdar/cat_directory.cpp Examining data/dar-2.6.13/src/libdar/cat_inode.hpp Examining data/dar-2.6.13/src/libdar/contextual.hpp Examining data/dar-2.6.13/src/libdar/cat_tube.hpp Examining data/dar-2.6.13/src/libdar/shell_interaction.hpp Examining data/dar-2.6.13/src/libdar/scrambler.cpp Examining data/dar-2.6.13/src/libdar/path.cpp Examining data/dar-2.6.13/src/libdar/crc.cpp Examining data/dar-2.6.13/src/libdar/archive_version.hpp Examining data/dar-2.6.13/src/libdar/mycurl_easyhandle_sharing.cpp Examining data/dar-2.6.13/src/libdar/secu_memory_file.cpp Examining data/dar-2.6.13/src/libdar/i_database.cpp Examining data/dar-2.6.13/src/libdar/messaging.hpp Examining data/dar-2.6.13/src/libdar/catalogue.cpp Examining data/dar-2.6.13/src/libdar/archive_aux.cpp Examining data/dar-2.6.13/src/libdar/cat_ignored.hpp Examining data/dar-2.6.13/src/libdar/delta_sig_block_size.hpp Examining data/dar-2.6.13/src/libdar/integers.cpp Examining data/dar-2.6.13/src/libdar/elastic.hpp Examining data/dar-2.6.13/src/libdar/i_archive.hpp Examining data/dar-2.6.13/src/libdar/secu_string.hpp Examining data/dar-2.6.13/src/libdar/tlv.hpp Examining data/dar-2.6.13/src/libdar/cat_lien.hpp Examining data/dar-2.6.13/src/libdar/storage.cpp Examining data/dar-2.6.13/src/libdar/etage.cpp Examining data/dar-2.6.13/src/libdar/filesystem_hard_link_read.hpp Examining data/dar-2.6.13/src/libdar/zapette_protocol.cpp Examining data/dar-2.6.13/src/libdar/cat_ignored_dir.hpp Examining data/dar-2.6.13/src/libdar/cygwin_adapt.h Examining data/dar-2.6.13/src/libdar/mycurl_easyhandle_sharing.hpp Examining data/dar-2.6.13/src/libdar/user_group_bases.cpp Examining data/dar-2.6.13/src/libdar/header.hpp Examining data/dar-2.6.13/src/libdar/libdar.hpp Examining data/dar-2.6.13/src/libdar/label.hpp Examining data/dar-2.6.13/src/libdar/filesystem_diff.cpp Examining data/dar-2.6.13/src/libdar/entree_stats.hpp Examining data/dar-2.6.13/src/libdar/generic_to_global_file.hpp Examining data/dar-2.6.13/src/libdar/archive_num.cpp Examining data/dar-2.6.13/src/libdar/libdar5.cpp Examining data/dar-2.6.13/src/libdar/cat_detruit.hpp Examining data/dar-2.6.13/src/libdar/zapette.cpp Examining data/dar-2.6.13/src/libdar/terminateur.hpp Examining data/dar-2.6.13/src/libdar/cat_chardev.cpp Examining data/dar-2.6.13/src/libdar/zapette_protocol.hpp Examining data/dar-2.6.13/src/libdar/cat_etoile.hpp Examining data/dar-2.6.13/src/libdar/cache.hpp Examining data/dar-2.6.13/src/libdar/cat_prise.hpp Examining data/dar-2.6.13/src/libdar/user_interaction5.hpp Examining data/dar-2.6.13/src/libdar/i_libdar_xform.hpp Examining data/dar-2.6.13/src/libdar/archive.cpp Examining data/dar-2.6.13/src/libdar/filesystem_diff.hpp Examining data/dar-2.6.13/src/libdar/mask_list.cpp Examining data/dar-2.6.13/src/libdar/filesystem_hard_link_write.hpp Examining data/dar-2.6.13/src/libdar/tlv_list.cpp Examining data/dar-2.6.13/src/libdar/secu_memory_file.hpp Examining data/dar-2.6.13/src/libdar/range.cpp Examining data/dar-2.6.13/src/libdar/range.hpp Examining data/dar-2.6.13/src/libdar/capabilities.cpp Examining data/dar-2.6.13/src/libdar/tlv_list.hpp Examining data/dar-2.6.13/src/libdar/crypto.cpp Examining data/dar-2.6.13/src/libdar/get_version.hpp Examining data/dar-2.6.13/src/libdar/int_tools.hpp Examining data/dar-2.6.13/src/libdar/ea.hpp Examining data/dar-2.6.13/src/libdar/generic_file.hpp Examining data/dar-2.6.13/src/libdar/hash_fichier.hpp Examining data/dar-2.6.13/src/libdar/mycurl_protocol.hpp Examining data/dar-2.6.13/src/libdar/libdar5.hpp Examining data/dar-2.6.13/src/libdar/pile.cpp Examining data/dar-2.6.13/src/libdar/mycurl_protocol.cpp Examining data/dar-2.6.13/src/libdar/thread_cancellation.hpp Examining data/dar-2.6.13/src/libdar/user_interaction_blind.cpp Examining data/dar-2.6.13/src/libdar/thread_cancellation.cpp Examining data/dar-2.6.13/src/libdar/crc.hpp Examining data/dar-2.6.13/src/libdar/database_aux.hpp Examining data/dar-2.6.13/src/libdar/filtre.cpp Examining data/dar-2.6.13/src/libdar/database_archives.hpp Examining data/dar-2.6.13/src/libdar/i_database.hpp Examining data/dar-2.6.13/src/libdar/escape.cpp Examining data/dar-2.6.13/src/libdar/entrepot_local.hpp Examining data/dar-2.6.13/src/libdar/archive_aux.hpp Examining data/dar-2.6.13/src/libdar/sparse_file.cpp Examining data/dar-2.6.13/src/libdar/criterium.cpp Examining data/dar-2.6.13/src/libdar/filesystem_hard_link_read.cpp Examining data/dar-2.6.13/src/gettext.h Examining data/dar-2.6.13/src/testing/test_compressor.cpp Examining data/dar-2.6.13/src/testing/hashsum.c Examining data/dar-2.6.13/src/testing/test_deci.cpp Examining data/dar-2.6.13/src/testing/test_mask_list.cpp Examining data/dar-2.6.13/src/testing/test_datetime.cpp Examining data/dar-2.6.13/src/testing/test_escape.cpp Examining data/dar-2.6.13/src/testing/test_hide_file.cpp Examining data/dar-2.6.13/src/testing/test_libdar.cpp Examining data/dar-2.6.13/src/testing/test_range.cpp Examining data/dar-2.6.13/src/testing/test_tuyau.cpp Examining data/dar-2.6.13/src/testing/test_erreurs.cpp Examining data/dar-2.6.13/src/testing/test_elastic.cpp Examining data/dar-2.6.13/src/testing/test_mask.cpp Examining data/dar-2.6.13/src/testing/test_cache.cpp Examining data/dar-2.6.13/src/testing/test_smart_pointer.cpp Examining data/dar-2.6.13/src/testing/test_sar.cpp Examining data/dar-2.6.13/src/testing/test_generic_thread.cpp Examining data/dar-2.6.13/src/testing/test_tronconneuse.cpp Examining data/dar-2.6.13/src/testing/test_generic_file.cpp Examining data/dar-2.6.13/src/testing/test_catalogue.cpp Examining data/dar-2.6.13/src/testing/test_rsync.cpp Examining data/dar-2.6.13/src/testing/testtools.cpp Examining data/dar-2.6.13/src/testing/test_limitint.cpp Examining data/dar-2.6.13/src/testing/make_sparse_file.c Examining data/dar-2.6.13/src/testing/test_crypto_asym.cpp Examining data/dar-2.6.13/src/testing/test_scrambler.cpp Examining data/dar-2.6.13/src/testing/test_storage.cpp Examining data/dar-2.6.13/src/testing/test_hash_fichier.cpp Examining data/dar-2.6.13/src/testing/testtools.hpp Examining data/dar-2.6.13/src/testing/moving_file.cpp Examining data/dar-2.6.13/src/testing/test_blowfish.cpp Examining data/dar-2.6.13/src/testing/test_terminateur.cpp Examining data/dar-2.6.13/src/testing/test_tronc.cpp Examining data/dar-2.6.13/src/testing/test_infinint.cpp Examining data/dar-2.6.13/src/testing/test_filesystem.cpp Examining data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp Examining data/dar-2.6.13/src/testing/test_path.cpp Examining data/dar-2.6.13/src/examples/prime.cpp Examining data/dar-2.6.13/src/examples/formula.cpp Examining data/dar-2.6.13/src/examples/factoriel.cpp Examining data/dar-2.6.13/src/dar_suite/dar.hpp Examining data/dar-2.6.13/src/dar_suite/dar_slave.cpp Examining data/dar-2.6.13/src/dar_suite/line_tools.hpp Examining data/dar-2.6.13/src/dar_suite/getopt_decision.h Examining data/dar-2.6.13/src/dar_suite/dar_cp.cpp Examining data/dar-2.6.13/src/dar_suite/dar_manager.cpp Examining data/dar-2.6.13/src/dar_suite/no_comment.hpp Examining data/dar-2.6.13/src/dar_suite/my_getopt_long.h Examining data/dar-2.6.13/src/dar_suite/line_tools.cpp Examining data/dar-2.6.13/src/dar_suite/dar_suite.cpp Examining data/dar-2.6.13/src/dar_suite/crit_action_cmd_line.hpp Examining data/dar-2.6.13/src/dar_suite/dar.cpp Examining data/dar-2.6.13/src/dar_suite/dar_split.c Examining data/dar-2.6.13/src/dar_suite/crit_action_cmd_line.cpp Examining data/dar-2.6.13/src/dar_suite/hide_file.hpp Examining data/dar-2.6.13/src/dar_suite/no_comment.cpp Examining data/dar-2.6.13/src/dar_suite/hide_file.cpp Examining data/dar-2.6.13/src/dar_suite/dar_suite.hpp Examining data/dar-2.6.13/src/dar_suite/config_file.hpp Examining data/dar-2.6.13/src/dar_suite/config_file.cpp Examining data/dar-2.6.13/src/dar_suite/command_line.hpp Examining data/dar-2.6.13/src/dar_suite/command_line.cpp Examining data/dar-2.6.13/src/dar_suite/dar_xform.cpp Examining data/dar-2.6.13/src/python/pybind11_libdar.cpp Examining data/dar-2.6.13/src/check/all_features.cpp Examining data/dar-2.6.13/src/check/padder.cpp Examining data/dar-2.6.13/src/my_config.h FINAL RESULTS: data/dar-2.6.13/src/libdar/filesystem_tools.cpp:225:8: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void)chmod(name, permission); data/dar-2.6.13/src/libdar/filesystem_tools.cpp:262:6: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. if(chown(name, tmp_uid, tmp_gid) < 0) data/dar-2.6.13/src/libdar/filesystem_tools.cpp:282:24: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. if(chmod(name, ref.get_perm()) < 0) data/dar-2.6.13/src/libdar/tools.cpp:781:22: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. lu = readlink(root, buffer, length-1); // length-1 to have room to add '\0' at the end data/dar-2.6.13/misc/todos.c:80:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(buffer); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:175:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, dst); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:177:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tmp, tmp2.c_str()); data/dar-2.6.13/src/libdar/thread_cancellation.cpp:42:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. pthread_mutex_lock(&access) data/dar-2.6.13/src/libdar/thread_cancellation.cpp:44:44: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. #define CRITICAL_END pthread_mutex_unlock(&access); \ data/dar-2.6.13/src/libdar/thread_cancellation.hpp:181:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. static pthread_mutex_t access; ///< mutex for the access to "info" data/dar-2.6.13/src/libdar/tools.cpp:829:85: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. void tools_make_date(const std::string & chemin, bool symlink, const datetime & access, const datetime & modif, const datetime & birth) data/dar-2.6.13/src/libdar/tools.cpp:840:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if(!access.get_value(tmp, usec, datetime::tu_microsecond)) data/dar-2.6.13/src/libdar/tools.cpp:999:12: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(execvp(argv[0], argv) < 0) data/dar-2.6.13/src/libdar/tools.cpp:1463:32: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. S_I code = system(ptr); data/dar-2.6.13/src/libdar/tools.hpp:262:92: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. extern void tools_make_date(const std::string & chemin, bool symlink, const datetime & access, const datetime & modif, const datetime & birth); data/dar-2.6.13/src/libdar/user_interaction.cpp:131:28: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void user_interaction::printf(const char *format, ...) data/dar-2.6.13/src/libdar/user_interaction.hpp:73:15: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. virtual void printf(const char *format, ...); data/dar-2.6.13/src/libdar/user_interaction5.cpp:197:28: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void user_interaction::printf(const char *format, ...) data/dar-2.6.13/src/libdar/user_interaction5.hpp:259:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. virtual void printf(const char *format, ...) override; data/dar-2.6.13/src/python/pybind11_libdar.cpp:962:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. using libdar::user_interaction::printf; data/dar-2.6.13/src/dar_suite/command_line.cpp:836:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt_long(argc, argv, OPT_STRING, get_long_opt(), nullptr)) != EOF) data/dar-2.6.13/src/dar_suite/command_line.cpp:838:21: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt(argc, argv, OPT_STRING)) != EOF) data/dar-2.6.13/src/dar_suite/command_line.cpp:2798:11: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while(getopt_long(argc, argv, OPT_STRING, get_long_opt(), nullptr) != EOF && optind < next_to_read) data/dar-2.6.13/src/dar_suite/command_line.cpp:2801:11: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while(getopt(argc, argv, OPT_STRING) != EOF && optind < next_to_read) data/dar-2.6.13/src/dar_suite/command_line.cpp:3306:11: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while(getopt_long(argc, argv, OPT_STRING, get_long_opt(), nullptr) != EOF) data/dar-2.6.13/src/dar_suite/command_line.cpp:3309:11: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while(getopt(argc, argv, OPT_STRING) != EOF) data/dar-2.6.13/src/dar_suite/dar_manager.cpp:314:14: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt_long(argc, argv, OPT_STRING, get_long_opt(), nullptr)) != EOF) data/dar-2.6.13/src/dar_suite/dar_manager.cpp:316:18: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt(argc, argv, OPT_STRING)) != EOF) data/dar-2.6.13/src/dar_suite/dar_slave.cpp:154:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt(argc, argv, OPT_STRING)) != EOF) data/dar-2.6.13/src/dar_suite/dar_xform.cpp:222:21: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt(argc, argv, OPT_STRING)) != EOF) data/dar-2.6.13/src/dar_suite/line_tools.cpp:614:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt_long(argc, argv, getopt_string, ptr_long_opt, nullptr)) != EOF && stop_scan != lu) data/dar-2.6.13/src/dar_suite/line_tools.cpp:616:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((lu = getopt(argc, argv, getopt_string)) != EOF && stop_scan != lu) data/dar-2.6.13/src/dar_suite/my_getopt_long.h:66:12: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt_long (int __argc, char *const *__argv, const char *__shortopts, data/dar-2.6.13/src/libdar/elastic.cpp:236:6: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/dar-2.6.13/src/libdar/get_version.cpp:136:6: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(::time(nullptr)+getpid()+getppid()); data/dar-2.6.13/src/testing/test_tuyau.cpp:121:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned int)getpid()); data/dar-2.6.13/misc/todos.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX]; data/dar-2.6.13/misc/todos.c:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sortie[2*MAX]; data/dar-2.6.13/misc/todos.c:51:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(open(file,O_RDONLY) != 0) data/dar-2.6.13/misc/todos.c:56:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(open(TMP,O_WRONLY|O_CREAT,0600) != 1) data/dar-2.6.13/src/check/padder.cpp:45:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). padder(atoi(argv[1]), tmp); data/dar-2.6.13/src/dar_suite/command_line.cpp:57:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/dar_suite/command_line.cpp:57:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/dar_suite/command_line.cpp:58:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/dar_suite/command_line.cpp:2736:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. argv = new (nothrow) char *[argc]; data/dar-2.6.13/src/dar_suite/dar_cp.cpp:182:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *fds = ::open(src, O_RDONLY|O_BINARY); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:192:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *fdd = ::open(dst, O_WRONLY|O_CREAT|O_EXCL|O_BINARY, 0666); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUF_SIZE]; data/dar-2.6.13/src/dar_suite/dar_slave.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/dar_suite/dar_slave.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/dar_suite/dar_slave.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/dar_suite/dar_split.c:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tty[L_ctermid+1]; data/dar-2.6.13/src/dar_suite/dar_split.c:188:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_inter = open(tty, O_RDONLY); data/dar-2.6.13/src/dar_suite/dar_split.c:220:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[bufsize]; data/dar-2.6.13/src/dar_suite/dar_split.c:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[10]; data/dar-2.6.13/src/dar_suite/dar_split.c:469:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY|O_BINARY|flag); data/dar-2.6.13/src/dar_suite/dar_split.c:487:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDONLY|O_BINARY); data/dar-2.6.13/src/dar_suite/line_tools.cpp:71:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. x_argv = new (nothrow) char *[size]; data/dar-2.6.13/src/libdar/archive_num.cpp:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[val_size]; data/dar-2.6.13/src/libdar/archive_num.cpp:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[val_size]; data/dar-2.6.13/src/libdar/archive_version.cpp:57:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[ARCHIVE_VER_SIZE]; data/dar-2.6.13/src/libdar/archive_version.cpp:73:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[OLD_ARCHIVE_VER_SIZE]; data/dar-2.6.13/src/libdar/cache.cpp:47:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/cache.cpp:47:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/cache.cpp:48:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/cache.cpp:394:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a+ret, buffer + next, min); data/dar-2.6.13/src/libdar/cache.cpp:469:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(buffer + next, a + wrote, min); data/dar-2.6.13/src/libdar/compressor.cpp:56:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/compressor.cpp:56:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/compressor.cpp:57:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/compressor.cpp:550:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a+read, lzo_read_buffer+lzo_read_start, to_read); data/dar-2.6.13/src/libdar/compressor.cpp:558:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a+read, lzo_read_buffer+lzo_read_start, available); data/dar-2.6.13/src/libdar/compressor.cpp:588:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(lzo_write_buffer + lzo_write_size, a + wrote, to_write); data/dar-2.6.13/src/libdar/compressor.cpp:594:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(lzo_write_buffer + lzo_write_size, a + wrote, space); data/dar-2.6.13/src/libdar/compressor.cpp:764:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wrkmem[LZO1X_MEM_DECOMPRESS]; data/dar-2.6.13/src/libdar/crc.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/crc.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/crc.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/crc.cpp:414:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cyclic = (unsigned char *)(new (nothrow) U_64[width/8]); data/dar-2.6.13/src/libdar/crc.cpp:416:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cyclic = (unsigned char *)(new (nothrow) U_32[width/4]); data/dar-2.6.13/src/libdar/crc.cpp:418:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cyclic = (unsigned char *)(new (nothrow) U_16[width/2]); data/dar-2.6.13/src/libdar/crc.cpp:444:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(cyclic, ref.cyclic, size); data/dar-2.6.13/src/libdar/crypto_sym.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/crypto_sym.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/crypto_sym.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/crypto_sym.cpp:465:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ii[4]; data/dar-2.6.13/src/libdar/crypto_sym.cpp:477:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(Uj, tmp_md, gcry_md_get_algo_dlen(hash_gcrypt)); data/dar-2.6.13/src/libdar/crypto_sym.cpp:478:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(Ti, tmp_md, gcry_md_get_algo_dlen(hash_gcrypt)); data/dar-2.6.13/src/libdar/crypto_sym.cpp:487:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(Uj, tmp_md, gcry_md_get_algo_dlen(hash_gcrypt)); data/dar-2.6.13/src/libdar/crypto_sym.cpp:707:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iv[9]; data/dar-2.6.13/src/libdar/crypto_sym.cpp:715:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ivec[8]; data/dar-2.6.13/src/libdar/ea_filesystem.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/ea_filesystem.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/ea_filesystem.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/entrepot.cpp:81:31: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_global *entrepot::open(const shared_ptr<user_interaction> & dialog, data/dar-2.6.13/src/libdar/entrepot.hpp:118:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_global *open(const std::shared_ptr<user_interaction> & dialog, data/dar-2.6.13/src/libdar/escape.cpp:55:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/escape.cpp:55:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/escape.cpp:56:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/escape.cpp:375:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_buffer[WRITE_BUFFER_SIZE]; data/dar-2.6.13/src/libdar/escape.cpp:421:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(write_buffer, tmp_buffer, write_buffer_size); data/dar-2.6.13/src/libdar/escape.cpp:552:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a + returned, read_buffer + already_read, min_cp); data/dar-2.6.13/src/libdar/escape.cpp:649:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(read_buffer, a + returned, read_buffer_size); data/dar-2.6.13/src/libdar/escape.cpp:708:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(write_buffer + write_buffer_size, a, delta); data/dar-2.6.13/src/libdar/escape.cpp:769:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(write_buffer + write_buffer_size, a+written, yet_in_a); data/dar-2.6.13/src/libdar/escape.cpp:818:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(write_buffer, a + written, remains); data/dar-2.6.13/src/libdar/escape.cpp:927:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(write_buffer, ref.write_buffer, write_buffer_size); data/dar-2.6.13/src/libdar/escape.cpp:931:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(read_buffer, ref.read_buffer, read_buffer_size); data/dar-2.6.13/src/libdar/escape.cpp:937:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(fixed_sequence, ref.fixed_sequence, ESCAPE_SEQUENCE_LENGTH); data/dar-2.6.13/src/libdar/escape.cpp:972:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(read_buffer, read_buffer + already_read, avail); data/dar-2.6.13/src/libdar/escape.cpp:1038:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. U_I escape::trouve_amorce(const char *a, U_I size, const unsigned char escape_sequence[ESCAPE_SEQUENCE_LENGTH]) data/dar-2.6.13/src/libdar/escape.cpp:1038:71: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. U_I escape::trouve_amorce(const char *a, U_I size, const unsigned char escape_sequence[ESCAPE_SEQUENCE_LENGTH]) data/dar-2.6.13/src/libdar/escape.cpp:1072:110: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. U_I escape::remove_data_marks_and_stop_at_first_real_mark(char *a, U_I size, U_I & delta, const unsigned char escape_sequence[ESCAPE_SEQUENCE_LENGTH]) data/dar-2.6.13/src/libdar/escape.hpp:173:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char usual_fixed_sequence[ESCAPE_SEQUENCE_LENGTH]; data/dar-2.6.13/src/libdar/escape.hpp:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char write_buffer[WRITE_BUFFER_SIZE]; ///< data in write transit, all data is unescaped, up to the first real mark, after it, data is raw (may be escaped) data/dar-2.6.13/src/libdar/escape.hpp:185:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char read_buffer[READ_BUFFER_SIZE]; ///< data in read transit data/dar-2.6.13/src/libdar/escape.hpp:187:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char fixed_sequence[ESCAPE_SEQUENCE_LENGTH]; ///< the preambule of an escape sequence to use/search for data/dar-2.6.13/src/libdar/escape.hpp:229:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static U_I trouve_amorce(const char *a, U_I size, const unsigned char escape_sequence[ESCAPE_SEQUENCE_LENGTH]); data/dar-2.6.13/src/libdar/escape.hpp:229:67: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static U_I trouve_amorce(const char *a, U_I size, const unsigned char escape_sequence[ESCAPE_SEQUENCE_LENGTH]); data/dar-2.6.13/src/libdar/escape.hpp:239:106: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static U_I remove_data_marks_and_stop_at_first_real_mark(char *a, U_I size, U_I & delta, const unsigned char escape_sequence[ESCAPE_SEQUENCE_LENGTH]); data/dar-2.6.13/src/libdar/etage.cpp:112:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fddir = ::open(dirname, O_RDONLY|O_BINARY|O_NOATIME); data/dar-2.6.13/src/libdar/fichier_global.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/fichier_global.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/fichier_global.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:377:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, a + wrote, toadd); data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:383:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, a + wrote, ptr_size); data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:419:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a + read + delta, ptr, ptr_size); data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:425:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a + read + delta, ptr, room); data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:823:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, buffer + lu, remain); data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:830:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, buffer + lu, ptr_size); data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:874:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bufptr, ptr, ptr_size); data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:880:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bufptr, ptr, room); data/dar-2.6.13/src/libdar/fichier_libcurl.hpp:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char meta_tampon[tampon_size]; ///< trash in transit data used to carry metadata data/dar-2.6.13/src/libdar/fichier_local.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/fichier_local.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/fichier_local.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/fichier_local.cpp:109:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_local::open(chemin, m, permission, fail_if_exists, erase, furtive_mode); data/dar-2.6.13/src/libdar/fichier_local.cpp:115:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_local::open(chemin, gf_read_only, 0, false, false, furtive_mode); data/dar-2.6.13/src/libdar/fichier_local.cpp:368:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void fichier_local::open(const string & chemin, data/dar-2.6.13/src/libdar/fichier_local.cpp:418:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filedesc = ::open(name, o_mode, permission); data/dar-2.6.13/src/libdar/fichier_local.cpp:420:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filedesc = ::open(name, o_mode); data/dar-2.6.13/src/libdar/fichier_local.hpp:128:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const std::string & chemin, data/dar-2.6.13/src/libdar/filesystem_backup.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_backup.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_backup.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_diff.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_diff.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_diff.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_hard_link_read.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_hard_link_read.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_hard_link_read.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_hard_link_write.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_hard_link_write.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_hard_link_write.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_restore.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_restore.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_restore.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp:226:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[FAM_SIG_WIDTH + NAT_SIG_WIDTH + 1]; data/dar-2.6.13/src/libdar/filesystem_tools.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_tools.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_tools.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/filesystem_tools.cpp:366:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = ::open(ptr, O_RDONLY|O_BINARY|O_NONBLOCK); data/dar-2.6.13/src/libdar/generic_file.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/generic_file.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/generic_file.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/generic_file.cpp:116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer_me[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/generic_file.cpp:117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer_ref[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/generic_file.cpp:203:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/generic_file.cpp:248:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/generic_file.cpp:330:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer1[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/generic_file.cpp:331:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer2[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/generic_thread.cpp:306:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a + read, data_ptr + 1, min); data/dar-2.6.13/src/libdar/generic_thread.cpp:313:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a + read, data_ptr + 1, data_num); data/dar-2.6.13/src/libdar/generic_thread.cpp:349:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(tmptr + 1, a + wrote, min); data/dar-2.6.13/src/libdar/header_version.cpp:395:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char flag[2]; data/dar-2.6.13/src/libdar/i_database.cpp:733:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[taille]; data/dar-2.6.13/src/libdar/label.cpp:133:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(val, ref.val, LABEL_SIZE); data/dar-2.6.13/src/libdar/label.hpp:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[LABEL_SIZE]; data/dar-2.6.13/src/libdar/mask.cpp:125:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[msg_size]; data/dar-2.6.13/src/libdar/sar.cpp:65:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sar.cpp:65:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sar.cpp:66:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sar.cpp:671:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). of_fd = entr->open(get_pointer(), data/dar-2.6.13/src/libdar/sar.cpp:997:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). of_fd = entr->open(get_pointer(), data/dar-2.6.13/src/libdar/sar.cpp:1025:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). of_fd = entr->open(get_pointer(), data/dar-2.6.13/src/libdar/sar.cpp:1115:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). of_fd = entr->open(get_pointer(), data/dar-2.6.13/src/libdar/sar.cpp:1126:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). of_fd = entr->open(get_pointer(), data/dar-2.6.13/src/libdar/sar_tools.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sar_tools.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sar_tools.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/secu_string.cpp:42:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/secu_string.cpp:42:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/secu_string.cpp:43:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/secu_string.cpp:124:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(mem + offset, ptr, size); data/dar-2.6.13/src/libdar/secu_string.cpp:239:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(mem, ref.mem, *(ref.string_size) + 1); // +1 to copy the ending '\0' data/dar-2.6.13/src/libdar/shell_interaction.cpp:55:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/shell_interaction.cpp:55:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/shell_interaction.cpp:56:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/shell_interaction.cpp:134:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tty[L_ctermid+1]; data/dar-2.6.13/src/libdar/shell_interaction.cpp:140:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = ::open(tty, O_RDONLY|O_TEXT); data/dar-2.6.13/src/libdar/shell_interaction.cpp:413:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[bufsize]; data/dar-2.6.13/src/libdar/shell_interaction.cpp:492:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[taille+1]; data/dar-2.6.13/src/libdar/sparse_file.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sparse_file.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sparse_file.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/sparse_file.cpp:238:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/sparse_file.hpp:140:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char zeroed_field[SPARSE_FIXED_ZEROED_BLOCK]; ///< read-only, used when the sequence of zeros is too short for a hole data/dar-2.6.13/src/libdar/storage.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/storage.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/storage.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/storage.cpp:173:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(it.cell->data + it.offset, a + wrote, to_write); data/dar-2.6.13/src/libdar/storage.cpp:180:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(it.cell->data + it.offset, a + wrote, space); data/dar-2.6.13/src/libdar/storage.cpp:207:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a + read, it.cell->data + it.offset, to_read); data/dar-2.6.13/src/libdar/storage.cpp:214:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(a + read, it.cell->data + it.offset, space); data/dar-2.6.13/src/libdar/storage.cpp:292:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(p, it.cell->data, it.offset); data/dar-2.6.13/src/libdar/storage.cpp:332:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(p, it.cell->data, it.offset); data/dar-2.6.13/src/libdar/storage.cpp:333:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(p + it.offset, it.cell->data + it.offset + number, it.cell->size - it.offset - number); data/dar-2.6.13/src/libdar/storage.cpp:482:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(p, glisseur->data, glisseur->size); data/dar-2.6.13/src/libdar/storage.cpp:483:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(p + glisseur->size, tmp->data, somme - glisseur->size); data/dar-2.6.13/src/libdar/tools.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tools.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tools.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tools.cpp:207:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char a[2] = { 0, 0 }; data/dar-2.6.13/src/libdar/tools.cpp:234:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[buf_size]; data/dar-2.6.13/src/libdar/tools.cpp:477:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(ret, x.c_str(), size); data/dar-2.6.13/src/libdar/tools.cpp:506:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char **argv = new (nothrow) char * [argvector.size()+1]; data/dar-2.6.13/src/libdar/tools.cpp:2117:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MSGSIZE]; data/dar-2.6.13/src/libdar/tools.cpp:2147:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MSGSIZE]; data/dar-2.6.13/src/libdar/trivial_sar.cpp:65:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/trivial_sar.cpp:65:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/trivial_sar.cpp:66:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/trivial_sar.cpp:173:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tmp = where.open(dialog, data/dar-2.6.13/src/libdar/trivial_sar.cpp:197:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tmp = where.open(dialog, data/dar-2.6.13/src/libdar/tronc.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tronc.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tronc.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tronconneuse.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tronconneuse.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tronconneuse.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tronconneuse.cpp:270:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(buf + buf_byte_data, a + lu, min); data/dar-2.6.13/src/libdar/tronconneuse.cpp:342:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(buf, ref.buf, buf_byte_data); data/dar-2.6.13/src/libdar/tronconneuse.cpp:355:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(encrypted_buf, ref.encrypted_buf, encrypted_buf_data); data/dar-2.6.13/src/libdar/tronconneuse.cpp:362:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(extra_buf, ref.extra_buf, extra_buf_data); data/dar-2.6.13/src/libdar/tronconneuse.cpp:414:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(encrypted_buf, extra_buf, extra_buf_data); data/dar-2.6.13/src/libdar/tuyau.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tuyau.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tuyau.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/tuyau.cpp:420:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filedesc = ::open(chemin.c_str(), flag|O_BINARY); data/dar-2.6.13/src/libdar/tuyau.cpp:429:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/tuyau.cpp:482:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFFER_SIZE]; data/dar-2.6.13/src/libdar/user_interaction.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction5.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction5.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction5.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_blind.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_blind.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_blind.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_callback.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_callback.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_callback.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_callback5.cpp:43:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_callback5.cpp:43:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/libdar/user_interaction_callback5.cpp:44:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/testing/hashsum.c:71:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(argv[1], O_RDONLY); data/dar-2.6.13/src/testing/hashsum.c:205:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFSIZE]; data/dar-2.6.13/src/testing/make_sparse_file.c:42:30: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return create_file(argv[1], atol(argv[2])); data/dar-2.6.13/src/testing/make_sparse_file.c:52:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0644); data/dar-2.6.13/src/testing/moving_file.cpp:73:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fic.open(arg.c_str(), ios::out); data/dar-2.6.13/src/testing/test_blowfish.cpp:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100] = "bonjour les amis il fait chaud il fait beau ! "; data/dar-2.6.13/src/testing/test_blowfish.cpp:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100]; data/dar-2.6.13/src/testing/test_cache.cpp:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[200]; data/dar-2.6.13/src/testing/test_cache.cpp:121:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("titi", O_RDWR|O_TRUNC|O_CREAT|O_BINARY, 0666); data/dar-2.6.13/src/testing/test_cache.cpp:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100]; data/dar-2.6.13/src/testing/test_elastic.cpp:86:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[taille]; data/dar-2.6.13/src/testing/test_elastic.cpp:87:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char biffir[taille]; data/dar-2.6.13/src/testing/test_elastic.cpp:105:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[taille]; data/dar-2.6.13/src/testing/test_elastic.cpp:150:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[taille]; data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:192:37: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_global *remotew = reposito.open(ui, data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:213:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_global *fic = reposito.open(ui, data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:241:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_global *foc = reposito.open(ui, data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:268:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_global *fac = reposito.open(ui, data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZE]; data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:315:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fichier_global *fec = reposito.open(ui, data/dar-2.6.13/src/testing/test_escape.cpp:84:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[buf_size]; data/dar-2.6.13/src/testing/test_filesystem.cpp:120:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(name.sun_path, "arbo/sub/prise"); data/dar-2.6.13/src/testing/test_filesystem.cpp:132:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = ::open("arbo/sub/fichier", O_WRONLY|O_CREAT|O_BINARY, 0777); data/dar-2.6.13/src/testing/test_generic_file.cpp:72:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). S_I fd = ::open(argv[2], O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0666); data/dar-2.6.13/src/testing/test_storage.cpp:132:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[100]; data/dar-2.6.13/src/testing/test_tronconneuse.cpp:52:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/testing/test_tronconneuse.cpp:52:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/testing/test_tronconneuse.cpp:53:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/testing/test_tronconneuse.cpp:87:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(crypt_buf, clear_buf, clear_size); data/dar-2.6.13/src/testing/test_tronconneuse.cpp:99:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(clear_buf, crypt_buf, crypt_size - 1); data/dar-2.6.13/src/testing/test_tronconneuse.cpp:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[taille]; data/dar-2.6.13/src/testing/test_tuyau.cpp:47:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/testing/test_tuyau.cpp:47:27: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/testing/test_tuyau.cpp:48:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/dar-2.6.13/src/testing/test_tuyau.cpp:106:20: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). duration = atol(argv[3]); data/dar-2.6.13/src/testing/test_tuyau.cpp:114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out_buffer[buffer_size]; data/dar-2.6.13/src/testing/test_tuyau.cpp:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char in_buffer[buffer_size]; data/dar-2.6.13/src/testing/test_tuyau.cpp:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[buffer_size]; data/dar-2.6.13/src/testing/testtools.cpp:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[size]; data/dar-2.6.13/src/testing/testtools.cpp:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[size]; data/dar-2.6.13/misc/todos.c:64:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu=read(0,buffer,MAX); data/dar-2.6.13/src/dar_suite/command_line.cpp:1364:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p.pass_ref = secu_string(optarg, strlen(optarg)); data/dar-2.6.13/src/dar_suite/command_line.cpp:1372:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p.pass = secu_string(optarg, strlen(optarg)); data/dar-2.6.13/src/dar_suite/command_line.cpp:1716:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p.aux_pass = secu_string(optarg, strlen(optarg)); data/dar-2.6.13/src/dar_suite/command_line.cpp:1910:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(optarg) != 0) data/dar-2.6.13/src/dar_suite/command_line.cpp:2744:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *pseudo_command = new (nothrow) char[strlen(command)+1]; data/dar-2.6.13/src/dar_suite/command_line.cpp:2747:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pseudo_command, command, strlen(command)); data/dar-2.6.13/src/dar_suite/command_line.cpp:2747:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(pseudo_command, command, strlen(command)); data/dar-2.6.13/src/dar_suite/command_line.cpp:2748:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pseudo_command[strlen(command)] = '\0'; data/dar-2.6.13/src/dar_suite/config_file.cpp:143:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!found && f.read(&a, 1) == 1) data/dar-2.6.13/src/dar_suite/dar_cp.cpp:167:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = (char *)malloc(strlen(src)+strlen(dst)+1+1); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:167:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = (char *)malloc(strlen(src)+strlen(dst)+1+1); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:176:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tmp, "/"); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:257:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read(src, buffer, 1) == 1) data/dar-2.6.13/src/dar_suite/dar_cp.cpp:267:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int lu = read(src, buffer, block); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:293:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(src, buffer, 1); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:318:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(src, buffer, 1); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:332:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(src, buffer, 1); data/dar-2.6.13/src/dar_suite/dar_cp.cpp:348:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int lu = read(src, buffer, block); data/dar-2.6.13/src/dar_suite/dar_manager.cpp:1325:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(proper.read(&tmp, 1) == 1 && tmp != '\n') data/dar-2.6.13/src/dar_suite/dar_split.c:223:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read(fd, buf, bufsize) >= 0) data/dar-2.6.13/src/dar_suite/dar_split.c:234:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (void)read(fd_inter, tmp, 3); data/dar-2.6.13/src/dar_suite/dar_split.c:270:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(0, buffer, BUFSIZE); data/dar-2.6.13/src/dar_suite/dar_split.c:383:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(fd, buffer, BUFSIZE); data/dar-2.6.13/src/dar_suite/hide_file.cpp:158:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp_lu = ref->read(a+lu, maxlire); data/dar-2.6.13/src/dar_suite/line_tools.cpp:112:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(x_argv[index], arg.c_str(), arg.size()); data/dar-2.6.13/src/dar_suite/line_tools.cpp:131:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). x_argv[index][f.read(x_argv[index], size)] = '\0'; data/dar-2.6.13/src/dar_suite/line_tools.cpp:891:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). result.read(tube); data/dar-2.6.13/src/dar_suite/line_tools.cpp:1708:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!ret && contents.read(rest)) data/dar-2.6.13/src/dar_suite/line_tools.hpp:306:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&a, 1) != 1) // reached end of file data/dar-2.6.13/src/dar_suite/no_comment.cpp:44:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stop = ref->read(&a, 1) != 1; data/dar-2.6.13/src/libdar/archive_num.cpp:54:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read(buffer, val_size); data/dar-2.6.13/src/libdar/archive_version.cpp:71:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void archive_version::read(generic_file & f) data/dar-2.6.13/src/libdar/archive_version.cpp:74:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I lu = f.read((char *)tmp, sizeof(tmp)); data/dar-2.6.13/src/libdar/archive_version.cpp:95:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = f.read((char *)tmp, 1); data/dar-2.6.13/src/libdar/archive_version.hpp:72:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file & f); data/dar-2.6.13/src/libdar/cache.cpp:372:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret += ref->read(a + ret, x_size - ret); // may fail if underlying is write_only data/dar-2.6.13/src/libdar/cache.cpp:626:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = ref->read(buffer + last, size - last); // may fail if underlying is write_only or user aborted data/dar-2.6.13/src/libdar/cache_global.hpp:96:70: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) override { read = buffer->read(a, size); return true; }; data/dar-2.6.13/src/libdar/cache_global.hpp:96:125: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) override { read = buffer->read(a, size); return true; }; data/dar-2.6.13/src/libdar/cat_delta_signature.cpp:50:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void cat_delta_signature::read(bool sequential_read, const archive_version & ver) data/dar-2.6.13/src/libdar/cat_delta_signature.cpp:58:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). delta_sig_size.read(*src); data/dar-2.6.13/src/libdar/cat_delta_signature.cpp:68:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). delta_sig_offset.read(*src); data/dar-2.6.13/src/libdar/cat_delta_signature.hpp:126:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(bool sequential_read, const archive_version & ver); data/dar-2.6.13/src/libdar/cat_detruit.cpp:45:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(ptr->read((char *)&signe, 1) != 1) data/dar-2.6.13/src/libdar/cat_detruit.cpp:49:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). del_date.read(*ptr, reading_ver); data/dar-2.6.13/src/libdar/cat_device.cpp:94:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(ptr->read((char *)&tmp, sizeof(tmp)) != sizeof(tmp)) data/dar-2.6.13/src/libdar/cat_device.cpp:97:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(ptr->read((char *)&tmp, sizeof(tmp)) != sizeof(tmp)) data/dar-2.6.13/src/libdar/cat_directory.cpp:126:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). p = cat_entree::read(dialog, pdesc, reading_ver, stats, corres, default_algo, lax, only_detruit, small); data/dar-2.6.13/src/libdar/cat_entree.cpp:42:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cat_entree *cat_entree::read(const shared_ptr<user_interaction> & dialog, data/dar-2.6.13/src/libdar/cat_entree.hpp:73:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). static cat_entree *read(const std::shared_ptr<user_interaction> & dialog, data/dar-2.6.13/src/libdar/cat_file.cpp:157:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read(&file_data_status_read, sizeof(file_data_status_read)); data/dar-2.6.13/src/libdar/cat_file.cpp:170:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read(&tmp, sizeof(tmp)); data/dar-2.6.13/src/libdar/cat_file.cpp:213:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read(&file_data_status_read, sizeof(file_data_status_read)); data/dar-2.6.13/src/libdar/cat_file.cpp:249:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). delta_sig->read(false, reading_ver); data/dar-2.6.13/src/libdar/cat_file.cpp:260:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read(&file_data_status_read, sizeof(file_data_status_read)); data/dar-2.6.13/src/libdar/cat_file.cpp:267:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read(&tmp, sizeof(tmp)); data/dar-2.6.13/src/libdar/cat_file.cpp:276:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read(&file_data_status_read, sizeof(file_data_status_read)); data/dar-2.6.13/src/libdar/cat_file.cpp:1083:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). delta_sig->read(small, read_ver); data/dar-2.6.13/src/libdar/cat_inode.cpp:143:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read((char *)(&flag), 1); data/dar-2.6.13/src/libdar/cat_inode.cpp:173:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(ptr->read((char *)&tmp, sizeof(tmp)) != sizeof(tmp)) data/dar-2.6.13/src/libdar/cat_inode.cpp:176:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(ptr->read((char *)&tmp, sizeof(tmp)) != sizeof(tmp)) data/dar-2.6.13/src/libdar/cat_inode.cpp:186:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(ptr->read((char *)&tmp, sizeof(tmp)) != sizeof(tmp)) data/dar-2.6.13/src/libdar/cat_inode.cpp:190:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). last_acc.read(*ptr, reading_ver); data/dar-2.6.13/src/libdar/cat_inode.cpp:191:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). last_mod.read(*ptr, reading_ver); data/dar-2.6.13/src/libdar/cat_inode.cpp:195:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). last_cha.read(*ptr, reading_ver); data/dar-2.6.13/src/libdar/cat_inode.cpp:225:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). last_cha.read(*ptr, reading_ver); data/dar-2.6.13/src/libdar/cat_inode.cpp:238:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). last_cha.read(*ptr, reading_ver); data/dar-2.6.13/src/libdar/cat_inode.cpp:1122:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const_cast<cat_inode *>(this)->fsal->read(*reader, edit); data/dar-2.6.13/src/libdar/cat_mirage.cpp:121:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ptr->read(&tmp_flag, 1); data/dar-2.6.13/src/libdar/cat_mirage.cpp:168:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). entree_ptr = cat_entree::read(dialog, pdesc, reading_ver, fake_stats, corres, default_algo, lax, false, small); data/dar-2.6.13/src/libdar/cat_signature.cpp:71:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(!read(f, reading_ver) || !get_base_and_status(tmp_base, tmp_status)) data/dar-2.6.13/src/libdar/cat_signature.cpp:75:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool cat_signature::read(generic_file & f, const archive_version & reading_ver) data/dar-2.6.13/src/libdar/cat_signature.cpp:77:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return f.read((char *)&field, 1) == 1; data/dar-2.6.13/src/libdar/cat_signature.hpp:64:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(generic_file & f, const archive_version & reading_ver); data/dar-2.6.13/src/libdar/catalogue.cpp:139:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ref_data_name.read(*pdesc.stack); data/dar-2.6.13/src/libdar/catalogue.cpp:266:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool catalogue::read(const cat_entree * & ref) const data/dar-2.6.13/src/libdar/catalogue.cpp:429:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read(ref) && sub_count > 0) data/dar-2.6.13/src/libdar/catalogue.cpp:642:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(ref.read(projo)) data/dar-2.6.13/src/libdar/catalogue.cpp:723:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(ref.read(projo)) data/dar-2.6.13/src/libdar/catalogue.cpp:952:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(ret && !read(moi)) data/dar-2.6.13/src/libdar/catalogue.cpp:1079:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read(ent)) data/dar-2.6.13/src/libdar/catalogue.cpp:1267:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read(ent)) data/dar-2.6.13/src/libdar/catalogue.cpp:1301:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(ref.read(ent)) data/dar-2.6.13/src/libdar/catalogue.hpp:87:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(const cat_entree * & ref) const; data/dar-2.6.13/src/libdar/compressor.cpp:432:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return compressed->read(a, size); data/dar-2.6.13/src/libdar/compressor.cpp:459:56: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). decompr->wrap.set_avail_in(compressed->read(decompr->buffer, data/dar-2.6.13/src/libdar/compressor.cpp:543:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read < size && !lzo_read_reached_eof) data/dar-2.6.13/src/libdar/compressor.cpp:546:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I to_read = size - read; data/dar-2.6.13/src/libdar/compressor.cpp:550:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (void)memcpy(a+read, lzo_read_buffer+lzo_read_start, to_read); data/dar-2.6.13/src/libdar/compressor.cpp:558:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (void)memcpy(a+read, lzo_read_buffer+lzo_read_start, available); data/dar-2.6.13/src/libdar/compressor.cpp:569:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read; data/dar-2.6.13/src/libdar/compressor.cpp:784:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lzo_uint read; data/dar-2.6.13/src/libdar/compressor.cpp:798:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read = compressed->read(lzo_compressed, compr_size); data/dar-2.6.13/src/libdar/compressor.cpp:799:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read != compr_size) data/dar-2.6.13/src/libdar/compressor.cpp:802:105: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). status = lzo1x_decompress_safe((lzo_bytep)lzo_compressed, compr_size, (lzo_bytep)lzo_read_buffer, &read, wrkmem); data/dar-2.6.13/src/libdar/compressor.cpp:803:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lzo_read_size = read; data/dar-2.6.13/src/libdar/compressor.cpp:830:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read(&type, 1); data/dar-2.6.13/src/libdar/compressor.cpp:831:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). size.read(f); data/dar-2.6.13/src/libdar/crc.cpp:329:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)cyclic, size); data/dar-2.6.13/src/libdar/data_dir.cpp:606:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&sign, 1) != 1) data/dar-2.6.13/src/libdar/data_tree.cpp:88:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void data_tree::status::read(generic_file & f, unsigned char db_version) data/dar-2.6.13/src/libdar/data_tree.cpp:92:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). date.read(f, db2archive_version(db_version)); data/dar-2.6.13/src/libdar/data_tree.cpp:93:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&tmp, 1) != 1) data/dar-2.6.13/src/libdar/data_tree.cpp:172:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void data_tree::status_plus::read(generic_file &f, data/dar-2.6.13/src/libdar/data_tree.cpp:179:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). status::read(f, db_version); data/dar-2.6.13/src/libdar/data_tree.cpp:190:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char *)&flag, 1); data/dar-2.6.13/src/libdar/data_tree.cpp:276:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sta_plus.read(f, db_version); data/dar-2.6.13/src/libdar/data_tree.cpp:300:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sta.read(f, db_version); data/dar-2.6.13/src/libdar/data_tree.hpp:164:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(generic_file &f, //< set the struct from file data/dar-2.6.13/src/libdar/data_tree.hpp:184:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file &f, //< set the struct from file data/dar-2.6.13/src/libdar/database_header.cpp:84:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file & f); data/dar-2.6.13/src/libdar/database_header.cpp:98:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void database_header::read(generic_file & f) data/dar-2.6.13/src/libdar/database_header.cpp:100:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char *)&version, 1); data/dar-2.6.13/src/libdar/database_header.cpp:103:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char *)&options, 1); data/dar-2.6.13/src/libdar/database_header.cpp:109:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read(&tmp, 1); data/dar-2.6.13/src/libdar/database_header.cpp:196:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). h.read(*ret); data/dar-2.6.13/src/libdar/datetime.cpp:46:2: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(x, ver); data/dar-2.6.13/src/libdar/datetime.cpp:342:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void datetime::read(generic_file &f, archive_version ver) data/dar-2.6.13/src/libdar/datetime.cpp:351:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read(&tmp, 1); data/dar-2.6.13/src/libdar/datetime.cpp:355:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sec.read(f); data/dar-2.6.13/src/libdar/datetime.cpp:357:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sub.read(f); data/dar-2.6.13/src/libdar/datetime.hpp:128:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file &f, archive_version ver); data/dar-2.6.13/src/libdar/ea.cpp:116:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool ea_attributs::read(string & key, string & value) const data/dar-2.6.13/src/libdar/ea.cpp:137:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!diff && read(key, val)) data/dar-2.6.13/src/libdar/ea.cpp:182:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(arg.read(key, value)) data/dar-2.6.13/src/libdar/ea.cpp:198:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char *)(&fl), 1); data/dar-2.6.13/src/libdar/ea.hpp:64:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(std::string & key, std::string & value) const; data/dar-2.6.13/src/libdar/ea_filesystem.cpp:175:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(val.read(key, value)) data/dar-2.6.13/src/libdar/ea_filesystem.cpp:210:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(val.read(key, value)) data/dar-2.6.13/src/libdar/ea_filesystem.cpp:353:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cursor += strlen(liste+cursor)+1; data/dar-2.6.13/src/libdar/escape.cpp:211:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_buffer_size = x_below->read(read_buffer, READ_BUFFER_SIZE); data/dar-2.6.13/src/libdar/escape.cpp:390:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = x_below->read(tmp_buffer, ESCAPE_SEQUENCE_LENGTH); data/dar-2.6.13/src/libdar/escape.cpp:409:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = x_below->read(tmp_buffer, width); // may throw exception data/dar-2.6.13/src/libdar/escape.cpp:615:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I read; data/dar-2.6.13/src/libdar/escape.cpp:623:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read = x_below->read(a + returned, needed); data/dar-2.6.13/src/libdar/escape.cpp:624:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). below_position += read; data/dar-2.6.13/src/libdar/escape.cpp:625:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read < needed) data/dar-2.6.13/src/libdar/escape.cpp:630:93: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). escape_seq_offset_in_buffer = remove_data_marks_and_stop_at_first_real_mark(a + returned, read, delta, fixed_sequence); data/dar-2.6.13/src/libdar/escape.cpp:633:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(escape_seq_offset_in_buffer > read) data/dar-2.6.13/src/libdar/escape.cpp:637:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(escape_seq_offset_in_buffer < read) data/dar-2.6.13/src/libdar/escape.cpp:661:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). returned += read; data/dar-2.6.13/src/libdar/escape.cpp:994:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). short_read = x_below->read(read_buffer + read_buffer_size, ESCAPE_SEQUENCE_LENGTH - avail); data/dar-2.6.13/src/libdar/escape_catalogue.cpp:83:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp.read(*(pdesc->esc)); data/dar-2.6.13/src/libdar/escape_catalogue.cpp:409:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool escape_catalogue::read(const cat_entree * & ref) const data/dar-2.6.13/src/libdar/escape_catalogue.cpp:419:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return catalogue::read(ref); data/dar-2.6.13/src/libdar/escape_catalogue.cpp:457:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ref = cat_entree::read(get_pointer(), data/dar-2.6.13/src/libdar/escape_catalogue.cpp:698:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(!cat_det->read(ref)) data/dar-2.6.13/src/libdar/escape_catalogue.cpp:710:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return catalogue::read(ref); data/dar-2.6.13/src/libdar/escape_catalogue.hpp:91:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(const cat_entree * & ref) const override; data/dar-2.6.13/src/libdar/etage.cpp:33:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define NAMLEN(dirent) strlen((dirent)->d_name) data/dar-2.6.13/src/libdar/etage.cpp:163:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ret->d_name) >= max_alloc_filename) data/dar-2.6.13/src/libdar/etage.cpp:212:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool etage::read(string & ref) data/dar-2.6.13/src/libdar/etage.cpp:241:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). U_I len = strlen(CACHE_DIR_TAG_FILENAME_CONTENTS); data/dar-2.6.13/src/libdar/etage.cpp:249:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = fic.read(buffer, len); data/dar-2.6.13/src/libdar/etage.hpp:64:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(std::string & ref); data/dar-2.6.13/src/libdar/fichier_global.cpp:127:56: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!fichier_global_inherited_read(a+ret, size-ret, read, message)) data/dar-2.6.13/src/libdar/fichier_global.cpp:129:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret += read; data/dar-2.6.13/src/libdar/fichier_global.cpp:133:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret += read; data/dar-2.6.13/src/libdar/fichier_global.hpp:132:70: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) = 0; data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:398:82: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool fichier_libcurl::fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:435:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read < size // we requested more data than what we got so far data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:441:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I remaining = size - read; data/dar-2.6.13/src/libdar/fichier_libcurl.cpp:450:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read < size && (is_running() || interthread.is_not_empty())); data/dar-2.6.13/src/libdar/fichier_libcurl.hpp:124:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) override; data/dar-2.6.13/src/libdar/fichier_local.cpp:267:80: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool fichier_local::fichier_global_inherited_read(char *a, U_I size, U_I & read, string & message) data/dar-2.6.13/src/libdar/fichier_local.cpp:278:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I to_read = size - read > SSIZE_MAX ? SSIZE_MAX : size - read; data/dar-2.6.13/src/libdar/fichier_local.cpp:278:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I to_read = size - read > SSIZE_MAX ? SSIZE_MAX : size - read; data/dar-2.6.13/src/libdar/fichier_local.cpp:280:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I to_read = size - read; data/dar-2.6.13/src/libdar/fichier_local.cpp:283:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = ::read(filedesc, a+read, to_read); data/dar-2.6.13/src/libdar/fichier_local.cpp:283:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = ::read(filedesc, a+read, to_read); data/dar-2.6.13/src/libdar/fichier_local.cpp:302:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read < size && ret != 0); data/dar-2.6.13/src/libdar/fichier_local.hpp:122:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) override; data/dar-2.6.13/src/libdar/filesystem_backup.cpp:231:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool filesystem_backup::read(cat_entree * & ref, infinint & errors, infinint & skipped_dump) data/dar-2.6.13/src/libdar/filesystem_backup.cpp:253:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(!inner.read(name)) data/dar-2.6.13/src/libdar/filesystem_backup.hpp:79:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(cat_entree * & ref, infinint & errors, infinint & skipped_dump); data/dar-2.6.13/src/libdar/filesystem_hard_link_write.cpp:432:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(addr.sun_path, name, UNIX_PATH_MAX - 1); data/dar-2.6.13/src/libdar/filesystem_hard_link_write.cpp:434:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(addr.sun_path) < strlen(name)) data/dar-2.6.13/src/libdar/filesystem_hard_link_write.cpp:434:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(addr.sun_path) < strlen(name)) data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp:211:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void filesystem_specific_attribute_list::read(generic_file & f, archive_version ver) data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp:231:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = f.read(buffer, FAM_SIG_WIDTH); data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp:237:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = f.read(buffer, NAT_SIG_WIDTH); data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp:1220:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). S_I lu = f.read(&ch, 1); data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp:1256:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val.read(f); data/dar-2.6.13/src/libdar/filesystem_specific_attribute.cpp:1279:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val.read(f, ver); data/dar-2.6.13/src/libdar/filesystem_specific_attribute.hpp:158:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file & f, archive_version ver); data/dar-2.6.13/src/libdar/filesystem_tools.cpp:172:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(fils.read(tmp)) data/dar-2.6.13/src/libdar/filtre.cpp:232:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(cat.read(e)) data/dar-2.6.13/src/libdar/filtre.cpp:621:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(fs.read(e, fs_errors, skipped_dump)) data/dar-2.6.13/src/libdar/filtre.cpp:1224:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(cat.read(e)) data/dar-2.6.13/src/libdar/filtre.cpp:1417:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(cat.read(e)) data/dar-2.6.13/src/libdar/filtre.cpp:1914:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(ref_tab[index]->read(e)) // examining the content of the current archive of reference, each entry one by one data/dar-2.6.13/src/libdar/filtre.cpp:2683:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(cat.read(e)) data/dar-2.6.13/src/libdar/filtre.cpp:2940:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(cat.read(e)) data/dar-2.6.13/src/libdar/filtre.cpp:4351:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(ref2.read(ent_key, ent_val)) data/dar-2.6.13/src/libdar/generic_file.cpp:126:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu_me = read(buffer_me, BUFFER_SIZE); data/dar-2.6.13/src/libdar/generic_file.cpp:127:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu_ref = ref.read(buffer_ref, BUFFER_SIZE); data/dar-2.6.13/src/libdar/generic_file.cpp:154:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I generic_file::read(char *a, U_I size) data/dar-2.6.13/src/libdar/generic_file.cpp:193:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I ret = read(&a,1); data/dar-2.6.13/src/libdar/generic_file.cpp:213:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = this->read(buffer, BUFFER_SIZE); data/dar-2.6.13/src/libdar/generic_file.cpp:260:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(buffer, pas); data/dar-2.6.13/src/libdar/generic_file.cpp:352:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu1 = read(buffer1, BUFFER_SIZE); data/dar-2.6.13/src/libdar/generic_file.cpp:353:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu2 = f.read(buffer2, BUFFER_SIZE); data/dar-2.6.13/src/libdar/generic_file.hpp:126:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual U_I read(char *a, U_I size) override; data/dar-2.6.13/src/libdar/generic_file.hpp:140:67: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). S_I read_forward(char &a) { if(terminated) throw SRC_BUG; return read(&a, 1); }; data/dar-2.6.13/src/libdar/generic_file_overlay_for_gpgme.cpp:67:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return obj->get_below()->read((char*)buffer, size); data/dar-2.6.13/src/libdar/generic_rsync.cpp:155:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu += base_signature->read(inbuf + lu, BUFFER_SIZE - lu); data/dar-2.6.13/src/libdar/generic_rsync.cpp:299:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = x_below->read(a, size); data/dar-2.6.13/src/libdar/generic_rsync.cpp:318:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I tmp = x_below->read(working_buffer + working_size, data/dar-2.6.13/src/libdar/generic_rsync.cpp:346:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). working_size += x_below->read(working_buffer + working_size, data/dar-2.6.13/src/libdar/generic_rsync.cpp:440:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = me->x_input->read((char *)*buf, *len); data/dar-2.6.13/src/libdar/generic_thread.cpp:301:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). min = size - read; // what's still need to be read data/dar-2.6.13/src/libdar/generic_thread.cpp:306:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (void)memcpy(a + read, data_ptr + 1, min); data/dar-2.6.13/src/libdar/generic_thread.cpp:313:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (void)memcpy(a + read, data_ptr + 1, data_num); data/dar-2.6.13/src/libdar/generic_thread.cpp:320:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(!reached_eof && read < size); data/dar-2.6.13/src/libdar/generic_thread.cpp:322:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read; data/dar-2.6.13/src/libdar/generic_to_global_file.hpp:91:70: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) override { read = data->read(a, size); message = "THIS IS A BUG IN GENERIC_TO_GLOBAL_FILE, PLEASE REPORT TO THE MAINTAINER!"; return true; }; data/dar-2.6.13/src/libdar/generic_to_global_file.hpp:91:123: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) override { read = data->read(a, size); message = "THIS IS A BUG IN GENERIC_TO_GLOBAL_FILE, PLEASE REPORT TO THE MAINTAINER!"; return true; }; data/dar-2.6.13/src/libdar/hash_fichier.cpp:111:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool hash_fichier::fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) data/dar-2.6.13/src/libdar/hash_fichier.cpp:116:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read = ref->read(a, size); data/dar-2.6.13/src/libdar/hash_fichier.cpp:118:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read > 0) data/dar-2.6.13/src/libdar/hash_fichier.cpp:119:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). gcry_md_write(hash_handle, (const void *)a, read); data/dar-2.6.13/src/libdar/hash_fichier.hpp:113:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool fichier_global_inherited_read(char *a, U_I size, U_I & read, std::string & message) override; data/dar-2.6.13/src/libdar/header.cpp:93:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void header::read(user_interaction & ui, generic_file & f, bool lax) data/dar-2.6.13/src/libdar/header.cpp:102:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read((char *)&tmp, sizeof(magic_number)) != sizeof(magic_number)) data/dar-2.6.13/src/libdar/header.cpp:107:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). internal_name.read(f); data/dar-2.6.13/src/libdar/header.cpp:113:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&flag, 1) != 1) data/dar-2.6.13/src/libdar/header.cpp:115:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&extension, 1) != 1) data/dar-2.6.13/src/libdar/header.cpp:186:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tempo.read(f); // read the list of TLV stored in the header data/dar-2.6.13/src/libdar/header.cpp:362:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). first_size->read(extension[index]); data/dar-2.6.13/src/libdar/header.cpp:369:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). slice_size->read(extension[index]); data/dar-2.6.13/src/libdar/header.cpp:375:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). data_name.read(extension[index]); data/dar-2.6.13/src/libdar/header.hpp:79:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(user_interaction & ui, generic_file & f, bool lax = false ); data/dar-2.6.13/src/libdar/header_version.cpp:60:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void header_version::read(generic_file & f, user_interaction & dialog, bool lax_mode) data/dar-2.6.13/src/libdar/header_version.cpp:69:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). edition.read(f); data/dar-2.6.13/src/libdar/header_version.cpp:107:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&tmp, 1) == 1) // compression algo data/dar-2.6.13/src/libdar/header_version.cpp:145:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read((char *)&tomp, 1) != 1) data/dar-2.6.13/src/libdar/header_version.cpp:156:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read((char *)&tomp, 1) != 1) data/dar-2.6.13/src/libdar/header_version.cpp:164:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). initial_offset.read(f); data/dar-2.6.13/src/libdar/header_version.cpp:174:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&tmp, sizeof(tmp)) != 1) data/dar-2.6.13/src/libdar/header_version.cpp:236:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ref_layout->read(f); data/dar-2.6.13/src/libdar/header_version.cpp:260:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). iteration_count.read(f); data/dar-2.6.13/src/libdar/header_version.cpp:261:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char *)&tmp_hash, 1); data/dar-2.6.13/src/libdar/header_version.hpp:58:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file &f, user_interaction & dialog, bool lax_mode); data/dar-2.6.13/src/libdar/i_archive.cpp:1202:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(get_cat().read(e)) data/dar-2.6.13/src/libdar/i_archive.cpp:1416:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cat->read(tmp); // should be enough to have the whole catalogue being read if using sequential read mode data/dar-2.6.13/src/libdar/i_archive.cpp:1614:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cat->read(tmp); // should be enough to have the whole catalogue being read data/dar-2.6.13/src/libdar/i_archive.cpp:1742:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cat->read(tmp); // should be enough to have the whole catalogue being read data/dar-2.6.13/src/libdar/i_archive.cpp:1777:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cat->read(tmp); // should be enough to have the whole catalogue being read data/dar-2.6.13/src/libdar/i_database.cpp:115:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dat.root_last_mod.read(f, db2archive_version(db_version)); data/dar-2.6.13/src/libdar/i_database.cpp:741:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = f.read((char *)buffer, taille); data/dar-2.6.13/src/libdar/label.cpp:120:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void label::read(generic_file & f) data/dar-2.6.13/src/libdar/label.cpp:122:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(val, LABEL_SIZE) != (S_I)LABEL_SIZE) data/dar-2.6.13/src/libdar/label.hpp:60:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file & f); data/dar-2.6.13/src/libdar/limitint.hpp:121:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(proto_generic_file &f) { build_from_file(f); }; data/dar-2.6.13/src/libdar/limitint.hpp:269:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = x.read((char *)&a, 1); data/dar-2.6.13/src/libdar/limitint.hpp:300:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = x.read(ptr, skip.field); data/dar-2.6.13/src/libdar/list_entry.cpp:299:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(arg.read(key, val)) data/dar-2.6.13/src/libdar/macro_tools.cpp:537:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ver.read(stack, *dialog, lax); data/dar-2.6.13/src/libdar/mask_list.cpp:107:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = source.read(buffer, buf_size); data/dar-2.6.13/src/libdar/messaging.cpp:364:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret.read(me->buffer); data/dar-2.6.13/src/libdar/messaging.cpp:381:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = me->buffer.read((char *)(&ret), sizeof(ret)); data/dar-2.6.13/src/libdar/messaging.cpp:416:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = me->buffer.read(&tmp, sizeof(tmp)); data/dar-2.6.13/src/libdar/messaging.cpp:433:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret.read(me->buffer); data/dar-2.6.13/src/libdar/messaging.cpp:497:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). wrote = buffer.read(ptr + 1, size - 1); data/dar-2.6.13/src/libdar/pile.cpp:285:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return stack.back().ptr->read(a, size); data/dar-2.6.13/src/libdar/proto_generic_file.hpp:84:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual U_I read(char *a, U_I size) = 0; data/dar-2.6.13/src/libdar/real_infinint.cpp:67:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = x.read((char *)&a, 1); data/dar-2.6.13/src/libdar/real_infinint.hpp:90:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(proto_generic_file &f) { detruit(); build_from_file(f); }; data/dar-2.6.13/src/libdar/sar.cpp:33:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define NAMLEN(dirent) strlen((dirent)->d_name) data/dar-2.6.13/src/libdar/sar.cpp:548:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = of_fd->read(a+lu, sz-lu); data/dar-2.6.13/src/libdar/sar.cpp:725:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). h.read(get_ui(), *of_fd, lax); data/dar-2.6.13/src/libdar/sar.cpp:872:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). of_fd->read(&end_flag, 1); // reading the last char of the slice data/dar-2.6.13/src/libdar/sar.cpp:1043:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). h.read(get_ui(), *of_fd); data/dar-2.6.13/src/libdar/scrambler.cpp:49:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I ret = ref->read(a, size); data/dar-2.6.13/src/libdar/secu_string.cpp:96:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = ::read(fd, mem + offset, *allocated_size - 1 - offset); data/dar-2.6.13/src/libdar/secu_string.cpp:137:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). S_I lu = ::read(fd, mem + offset, size); data/dar-2.6.13/src/libdar/shell_interaction.cpp:238:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read(input, &a, 1) < 0) data/dar-2.6.13/src/libdar/shell_interaction.cpp:436:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read(input, buffer, bufsize) >= 0) data/dar-2.6.13/src/libdar/shell_interaction.cpp:444:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp_ret = read(input, &a, 1); data/dar-2.6.13/src/libdar/shell_interaction.cpp:451:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(10000); // let a change for any other typed character to reach the input device data/dar-2.6.13/src/libdar/shell_interaction.cpp:452:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp_sup = read(input, &b, 1); data/dar-2.6.13/src/libdar/shell_interaction.cpp:503:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = ::read(input, buffer, taille); data/dar-2.6.13/src/libdar/slave_thread.cpp:242:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). size = data->read(local_ptr + 1, min); data/dar-2.6.13/src/libdar/slave_zapette.cpp:104:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). req.read(in); data/dar-2.6.13/src/libdar/slave_zapette.cpp:125:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ans.size = src->read(buffer, req.size); data/dar-2.6.13/src/libdar/slice_layout.cpp:29:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void slice_layout::read(generic_file & f) data/dar-2.6.13/src/libdar/slice_layout.cpp:33:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). first_size.read(f); data/dar-2.6.13/src/libdar/slice_layout.cpp:34:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). other_size.read(f); data/dar-2.6.13/src/libdar/slice_layout.cpp:35:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). first_slice_header.read(f); data/dar-2.6.13/src/libdar/slice_layout.cpp:36:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). other_slice_header.read(f); data/dar-2.6.13/src/libdar/slice_layout.cpp:37:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f.read(&tmp , 1) == 1) data/dar-2.6.13/src/libdar/slice_layout.hpp:61:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file & f); data/dar-2.6.13/src/libdar/sparse_file.cpp:170:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). zero_count.read(*this); data/dar-2.6.13/src/libdar/sparse_file.cpp:281:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). zero_count.read(*this); data/dar-2.6.13/src/libdar/storage.cpp:79:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = f.read(((char *)(ptr->data))+lu, ptr->size - lu); data/dar-2.6.13/src/libdar/storage.cpp:193:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I storage::read(iterator & it, unsigned char *a, U_I size) const data/dar-2.6.13/src/libdar/storage.cpp:199:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(read < size && it != end()) data/dar-2.6.13/src/libdar/storage.cpp:201:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_32 to_read = size - read; data/dar-2.6.13/src/libdar/storage.cpp:207:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (void)memcpy(a + read, it.cell->data + it.offset, to_read); data/dar-2.6.13/src/libdar/storage.cpp:214:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (void)memcpy(a + read, it.cell->data + it.offset, space); data/dar-2.6.13/src/libdar/storage.cpp:224:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read; data/dar-2.6.13/src/libdar/storage.hpp:165:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I read(iterator & it, unsigned char *a, U_I size) const; data/dar-2.6.13/src/libdar/storage.hpp:168:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(iterator & it, unsigned char &a) const data/dar-2.6.13/src/libdar/storage.hpp:169:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { return read(it, &a, 1) == 1; }; data/dar-2.6.13/src/libdar/tlv.cpp:61:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char *)&type, 2); data/dar-2.6.13/src/libdar/tlv.cpp:63:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). length.read(f); data/dar-2.6.13/src/libdar/tlv_list.cpp:59:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). number.read(f); // read from file the number of tlv stored data/dar-2.6.13/src/libdar/tlv_list.hpp:52:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file & f) { init(f); }; ///< erase and read a list from a file data/dar-2.6.13/src/libdar/tools.cpp:213:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = f.read(a, 1); data/dar-2.6.13/src/libdar/tools.cpp:242:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = f.read(buffer, max_read); data/dar-2.6.13/src/libdar/tools.cpp:1039:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). U_32 taille = strlen(format)+1; data/dar-2.6.13/src/libdar/tools.cpp:1052:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(copie, format, taille); data/dar-2.6.13/src/libdar/tools.cpp:2124:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buffer, val, MSGSIZE); data/dar-2.6.13/src/libdar/tools.cpp:2131:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buffer, tmp.c_str(), tools_min((size_t)(tmp.size()+1), (size_t)(MSGSIZE))); data/dar-2.6.13/src/libdar/tools.cpp:2136:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(buffer, tmp, MSGSIZE); data/dar-2.6.13/src/libdar/tools.cpp:2155:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(buffer, "Lack of memory to display gpgme error message", MSGSIZE); data/dar-2.6.13/src/libdar/trivial_sar.cpp:33:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define NAMLEN(dirent) strlen((dirent)->d_name) data/dar-2.6.13/src/libdar/trivial_sar.cpp:508:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tete.read(get_ui(), *reference); data/dar-2.6.13/src/libdar/trivial_sar.cpp:536:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). U_I ret = reference->read(a, size); data/dar-2.6.13/src/libdar/tronc.cpp:271:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = ref->read(a+lu, micro_pas); data/dar-2.6.13/src/libdar/tronc.cpp:284:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = ref->read(a, size); data/dar-2.6.13/src/libdar/tronconneuse.cpp:429:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). encrypted_buf_data += encrypted->read(encrypted_buf, encrypted_buf_size - encrypted_buf_data); data/dar-2.6.13/src/libdar/tronconneuse.cpp:594:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). extra_buf_data = encrypted->read(extra_buf, extra_buf_size); data/dar-2.6.13/src/libdar/tuyau.cpp:252:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). S_I ret = ::read(filedesc, &next_to_read, 1); data/dar-2.6.13/src/libdar/tuyau.cpp:302:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = ::read(filedesc, a+lu, to_read); data/dar-2.6.13/src/libdar/tuyau.cpp:458:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(buffer, step); data/dar-2.6.13/src/libdar/tuyau.cpp:488:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((lu = read(buffer, BUFFER_SIZE)) > 0) data/dar-2.6.13/src/libdar/zapette.cpp:295:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ans.read(in, data, size); data/dar-2.6.13/src/libdar/zapette_protocol.cpp:63:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void request::read(generic_file *f) data/dar-2.6.13/src/libdar/zapette_protocol.cpp:68:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(f->read(&serial_num, 1) == 0) data/dar-2.6.13/src/libdar/zapette_protocol.cpp:75:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pas += f->read((char *)&tmp+pas, sizeof(tmp)-pas); data/dar-2.6.13/src/libdar/zapette_protocol.cpp:107:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void answer::read(generic_file *f, char *data, U_16 max) data/dar-2.6.13/src/libdar/zapette_protocol.cpp:112:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f->read(&serial_num, 1); data/dar-2.6.13/src/libdar/zapette_protocol.cpp:113:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f->read(&type, 1); data/dar-2.6.13/src/libdar/zapette_protocol.cpp:119:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pas += f->read((char *)&tmp+pas, sizeof(tmp)-pas); data/dar-2.6.13/src/libdar/zapette_protocol.cpp:123:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pas += f->read(data+pas, size-pas); data/dar-2.6.13/src/libdar/zapette_protocol.cpp:130:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f->read(&black_hole, 1); data/dar-2.6.13/src/libdar/zapette_protocol.hpp:67:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file *f); // slave side data/dar-2.6.13/src/libdar/zapette_protocol.hpp:78:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(generic_file *f, char *data, U_16 max); // master side data/dar-2.6.13/src/python/pybind11_libdar.cpp:321:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). .def("read", &libdar::real_infinint::read) data/dar-2.6.13/src/python/pybind11_libdar.cpp:355:62: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). .def("read", &libdar::limitint<libdar::INFININT_BASE_TYPE>::read) data/dar-2.6.13/src/testing/hashsum.c:211:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = read(fd, buffer, BUFSIZE); data/dar-2.6.13/src/testing/moving_file.cpp:77:2: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(50000); // sleep 50 ms data/dar-2.6.13/src/testing/test_blowfish.cpp:93:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bf.write(buffer, strlen(buffer)); data/dar-2.6.13/src/testing/test_blowfish.cpp:109:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = bf.read(buffer, 100); data/dar-2.6.13/src/testing/test_blowfish.cpp:113:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = bf.read(buffer, 100); data/dar-2.6.13/src/testing/test_blowfish.cpp:117:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = bf.read(buffer, 100); data/dar-2.6.13/src/testing/test_cache.cpp:106:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer, 3); data/dar-2.6.13/src/testing/test_cache.cpp:107:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer+3, 22); data/dar-2.6.13/src/testing/test_cache.cpp:110:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer, 5); data/dar-2.6.13/src/testing/test_cache.cpp:112:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer, 5); data/dar-2.6.13/src/testing/test_cache.cpp:114:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer, 30); data/dar-2.6.13/src/testing/test_cache.cpp:115:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer+30, 5); data/dar-2.6.13/src/testing/test_cache.cpp:116:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer+35, 50); data/dar-2.6.13/src/testing/test_cache.cpp:132:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c.write(buf, strlen(buf)); data/dar-2.6.13/src/testing/test_cache.cpp:136:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c.write(buf, strlen(buf)); data/dar-2.6.13/src/testing/test_cache.cpp:140:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer, 3); data/dar-2.6.13/src/testing/test_cache.cpp:142:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c.read(buffer, 99); data/dar-2.6.13/src/testing/test_catalogue.cpp:139:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ref = cat_entree::read(ui, pdesc, macro_tools_supported_version, stats, corres, compression::none, false, false, false); data/dar-2.6.13/src/testing/test_catalogue.cpp:169:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ref = cat_entree::read(ui, pdesc, macro_tools_supported_version, stats, corres, compression::none, false, false, false); data/dar-2.6.13/src/testing/test_catalogue.cpp:220:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(cat.read(ref)) data/dar-2.6.13/src/testing/test_catalogue.cpp:255:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(lst.read(ref)) data/dar-2.6.13/src/testing/test_elastic.cpp:154:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fic.write(ttt, strlen(ttt)); data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:289:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tamp = fac->read(buf, step); data/dar-2.6.13/src/testing/test_entrepot_libcurl.cpp:299:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tamp = fac->read(buf, step); data/dar-2.6.13/src/testing/test_escape.cpp:67:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tested.write(seq1, strlen(seq1)); data/dar-2.6.13/src/testing/test_escape.cpp:69:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tested.write(seq2, strlen(seq2)); data/dar-2.6.13/src/testing/test_escape.cpp:91:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = tested.read((char *)buffer, buf_size); data/dar-2.6.13/src/testing/test_escape.cpp:95:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = tested.read((char *)buffer, buf_size); data/dar-2.6.13/src/testing/test_escape.cpp:101:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = tested.read((char *)buffer, buf_size); data/dar-2.6.13/src/testing/test_escape.cpp:108:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = tested.read((char *)buffer, buf_size); data/dar-2.6.13/src/testing/test_escape.cpp:112:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu = tested.read((char *)buffer, buf_size); data/dar-2.6.13/src/testing/test_filesystem.cpp:135:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fd, phrase, strlen(phrase)); data/dar-2.6.13/src/testing/test_filesystem.cpp:164:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(fs.read(p, errors, skipped_dump)) data/dar-2.6.13/src/testing/test_filesystem.cpp:220:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(cat->read(e)) data/dar-2.6.13/src/testing/test_limitint.cpp:107:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r2.read(fic); data/dar-2.6.13/src/testing/test_storage.cpp:135:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). st2.read(it, (unsigned char *)buffer, st2.size() % 100); data/dar-2.6.13/src/testing/test_tronconneuse.cpp:140:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define TEST_WRITE(x) toto->write(x, strlen(x)) data/dar-2.6.13/src/testing/test_tronconneuse.cpp:141:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define WRITE_TO(x, y) x.write(y, strlen(y)) data/dar-2.6.13/src/testing/test_tronconneuse.cpp:165:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buffer[toto->read(buffer, 5)] = '\0'; data/dar-2.6.13/src/testing/test_tronconneuse.cpp:168:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buffer[toto->read(buffer, taille)] = '\0'; data/dar-2.6.13/src/testing/test_tronconneuse.cpp:173:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buffer[toto->read(buffer, 5)] = '\0'; data/dar-2.6.13/src/testing/test_tronconneuse.cpp:178:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buffer[toto->read(buffer, 5)] = '\0'; data/dar-2.6.13/src/testing/test_tronconneuse.cpp:183:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buffer[toto->read(buffer, 5)] = '\0'; data/dar-2.6.13/src/testing/test_tuyau.cpp:135:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu += in->read(in_buffer+lu, buffer_size-lu); data/dar-2.6.13/src/testing/test_tuyau.cpp:172:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lu += in->read(buffer+lu, buffer_size-lu); data/dar-2.6.13/src/testing/testtools.cpp:43:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). S_I lu = f.read(buffer, size); ANALYSIS SUMMARY: Hits = 693 Lines analyzed = 110550 in approximately 2.38 seconds (46517 lines/second) Physical Source Lines of Code (SLOC) = 78161 Hits@level = [0] 954 [1] 388 [2] 269 [3] 16 [4] 16 [5] 4 Hits@level+ = [0+] 1647 [1+] 693 [2+] 305 [3+] 36 [4+] 20 [5+] 4 Hits/KSLOC@level+ = [0+] 21.0719 [1+] 8.86631 [2+] 3.9022 [3+] 0.460588 [4+] 0.255882 [5+] 0.0511764 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.