Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ecere-sdk-0.44.15/audio/audio.ec
Examining data/ecere-sdk-0.44.15/audio/mixer.ec
Examining data/ecere-sdk-0.44.15/audio/alsa.ec
Examining data/ecere-sdk-0.44.15/audio/dsound.ec
Examining data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec
Examining data/ecere-sdk-0.44.15/documentor/src/SettingsDialog.ec
Examining data/ecere-sdk-0.44.15/documentor/src/Documentor.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/instance.c
Examining data/ecere-sdk-0.44.15/ecere/src/com/OldList.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/CustomAVLTree.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/List.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/LinkList.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/Array.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/Container.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/BuiltInContainer.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/AVLTree.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/containers/Map.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/instance.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/String.ec
Examining data/ecere-sdk-0.44.15/ecere/src/com/BinaryTree.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/Thread.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/memory.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/File.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/File.c
Examining data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/FileMonitor.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/units.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c
Examining data/ecere-sdk-0.44.15/ecere/src/sys/Semaphore.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/System.c
Examining data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/unicode.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/Archive.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/JSONGlobalSettings.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/Mutex.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/System.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec
Examining data/ecere-sdk-0.44.15/ecere/src/sys/Condition.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/imgDistMap.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/BitmapResource.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/PNGFormat.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/BMPFormat.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/GIFFormat.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/RGBFormat.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/PCXFormat.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/JPEGFormat.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/DirectDrawDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/immediate.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/gl123es.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/gl_compat_4_4.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/wglDefs.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/gl_compat_4_4.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/glab.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/egl.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32BitmapPrinterDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/lfbConvert.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/XDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D9DisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/lfbRGBLookup.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/LFBDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/GDIDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gdef-private.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gsub.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gdef.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-buffer.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-indic.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-open-private.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-dump-main.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gpos-private.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-shaper.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-impl.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-external.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-buffer.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gpos.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-shaper-private.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gsub.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-global.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-khmer.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gpos.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-arabic.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-impl.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-hangul.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-open.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-stream.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-stream.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-myanmar.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-shaper.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gdef.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-dump.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-dump.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-open.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-hebrew.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-gsub-private.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/harfbuzz-freetype.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/harfbuzz-unicode.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/harfbuzz-freetype.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/harfbuzz-unicode-tables.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/tables/script-properties.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/tables/grapheme-break-properties.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/tables/combining-properties.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/tables/category-properties.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/unicode/harfbuzz-unicode.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-thai.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-stream-private.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-shape.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-buffer-private.h
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-tibetan.c
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32PrinterDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/NCursesDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D8DisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32ConsoleDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/lfbBlit.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/CocoaOpenGLDisplayDriver.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/FontResource.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/Resource.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/DisplaySystem.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Quaternion.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/Cube.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/Sphere.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Vector3D.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Object.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Camera.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Mesh.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Plane.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gfx/Display.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Cursor.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Timer.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Desktop3D.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/FormDesigner.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/Win32Interface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/cocoa/CocoaDispatch.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/cocoa/CocoaInterface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/cocoa/EcereView.h
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/cocoa/CocoaEcereBridge.h
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/Win32ConsoleInterface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/EmscriptenInterface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/drivers/NCursesInterface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Key.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Interface.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/skins/TVisionSkin.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/skins/AquaSkin.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/GuiApplication.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Skin.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/Stacker.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/PaneSplitter.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/ProgressBar.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/SelectorBar.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/Picture.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/CalendarControl.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/Label.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/DropBox.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/DataBox.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/ToolTip.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/StatusBar.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/TabControl.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/Button.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/ScrollBar.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/typeEdit.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/WindowList.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/GoToDialog.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ColorPicker.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FindDialog.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/MessageBox.ec
Examining data/ecere-sdk-0.44.15/ecere/src/gui/ClipBoard.ec
Examining data/ecere-sdk-0.44.15/ecere/src/net/Service.ec
Examining data/ecere-sdk-0.44.15/ecere/src/net/dcom.ec
Examining data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec
Examining data/ecere-sdk-0.44.15/ecere/src/net/SSLSocket.ec
Examining data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec
Examining data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec
Examining data/ecere-sdk-0.44.15/ecere/src/net/network.ec
Examining data/ecere-sdk-0.44.15/samples/android/helloAndroid.ec
Examining data/ecere-sdk-0.44.15/samples/eC/staticLink/staticLink.ec
Examining data/ecere-sdk-0.44.15/samples/eC/FindPrime/findPrime.ec
Examining data/ecere-sdk-0.44.15/samples/eC/HelloWorld/HelloWorld.ec
Examining data/ecere-sdk-0.44.15/samples/eC/ampheck/main.ec
Examining data/ecere-sdk-0.44.15/samples/eC/ecas/misc.ec
Examining data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec
Examining data/ecere-sdk-0.44.15/samples/eC/ecas/ecas.ec
Examining data/ecere-sdk-0.44.15/samples/eC/neural/neural.ec
Examining data/ecere-sdk-0.44.15/samples/eC/neural/neurons.ec
Examining data/ecere-sdk-0.44.15/samples/eC/fibonacci/fibo.ec
Examining data/ecere-sdk-0.44.15/samples/threads/threadsAndListBoxes/blank.ec
Examining data/ecere-sdk-0.44.15/samples/audio/Piano/Piano.ec
Examining data/ecere-sdk-0.44.15/samples/audio/S3MPlayer/S3MPlayer.ec
Examining data/ecere-sdk-0.44.15/samples/audio/DirectBufferPlayer/wavPlayer.ec
Examining data/ecere-sdk-0.44.15/samples/audio/PlaySound/PlaySound.ec
Examining data/ecere-sdk-0.44.15/samples/audio/SineTone/sineTone.ec
Examining data/ecere-sdk-0.44.15/samples/games/othello/othello.ec
Examining data/ecere-sdk-0.44.15/samples/games/ticTacToe/TicTacToe.ec
Examining data/ecere-sdk-0.44.15/samples/games/cornerBlocks/CornerBlocksServer.ec
Examining data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec
Examining data/ecere-sdk-0.44.15/samples/games/tetrominoes/tetrominoes.ec
Examining data/ecere-sdk-0.44.15/samples/games/stonePairs/game.ec
Examining data/ecere-sdk-0.44.15/samples/games/stonePairs/stonePairs.ec
Examining data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/server.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ai.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/scores.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/setup.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/communication.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/bet.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/poker/pokerUtils.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/poker/poker.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/poker/widow.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/poker/bet.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/poker/player.ec
Examining data/ecere-sdk-0.44.15/samples/games/cards/tongIts/tongits.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/connect.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/chess2D.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/ai.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/chess.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/promotion.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/about.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/chess3D.ec
Examining data/ecere-sdk-0.44.15/samples/games/chess/src/chessutils.ec
Examining data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec
Examining data/ecere-sdk-0.44.15/samples/games/crosswords/crossWords.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/LinkLabel/linkLabel.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/stacker/stackerTest.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/GradientDesigner.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/textScroller/textScroller.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/screenShot/shot.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/game.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/math.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/toolBars/toolBarDemo.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mandelbrot/mandelbrot.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mandelbrot/mandelbrotUI.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/childWindows/ex1.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/eNotepad/eNotepad.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/timeAddendum.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/clock/clock.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/pictureRotateAlpha/rotate1.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/FlagsDropBox/flagsDropBox.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/fliPlay/FliPlayApp.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mdiSample/mdiSample.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/disablingMovingControls/form2.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/HelloForm/helloForm.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/slideShow/eShow.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/snow/snow.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/SimSkin.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/form1.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/MySkin.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/AcovelSkin.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/tabControl/tabs.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/floodFill/floodFill.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/curvyweb/curvyweb.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/replace/replace.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/DataControls/DataControls.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/toolTips/toolTips.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/bitmapsAndKB/KBState/KBState.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/bitmapsAndKB/KBOnKeyHit/OnKeyHit.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/bitmapsAndKB/Objects/objects.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/bitmapsAndKB/KBController/controller.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/bitmapsAndKB/Bitmap/bitmap.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanopolygon.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekano.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanoobjectgravity.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanopolygonalbox.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanoobjectpolygonal.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanoobject.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanoobjectfixed.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanoobjectspring.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanodisplay.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanopoint.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/vector.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanownd.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/mekano/mekanosimulation.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/Controls/controls.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/treeView/explorer.ec
Examining data/ecere-sdk-0.44.15/samples/guiAndGfx/dataBoxes/dataBoxes.ec
Examining data/ecere-sdk-0.44.15/samples/3D/glTriangle/glTriangle.ec
Examining data/ecere-sdk-0.44.15/samples/3D/Animate3DS/Animate3DS.ec
Examining data/ecere-sdk-0.44.15/samples/3D/OpenGL/glEcereCamera.ec
Examining data/ecere-sdk-0.44.15/samples/3D/OpenGL/glSnippet.ec
Examining data/ecere-sdk-0.44.15/samples/3D/HiraganaCube/hiraganaCube.ec
Examining data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/demo.ec
Examining data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec
Examining data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/terrain.ec
Examining data/ecere-sdk-0.44.15/samples/3D/spriteBalls/balls.ec
Examining data/ecere-sdk-0.44.15/samples/3D/VertexColorTest/VertexColorTest.ec
Examining data/ecere-sdk-0.44.15/samples/3D/ModelViewer/eModel.ec
Examining data/ecere-sdk-0.44.15/samples/3D/ModelViewer/engineSettings.ec
Examining data/ecere-sdk-0.44.15/samples/3D/TransCube/transCube.ec
Examining data/ecere-sdk-0.44.15/samples/3D/rayTracedMandelbulb/mandelbulb.ec
Examining data/ecere-sdk-0.44.15/samples/3D/ColorSpheres/colorSpheres.ec
Examining data/ecere-sdk-0.44.15/samples/3D/walkAround/walkAround.ec
Examining data/ecere-sdk-0.44.15/samples/3D/orbitWithMouse/orbitWithMouse.ec
Examining data/ecere-sdk-0.44.15/samples/3D/Test3D/Test3D.ec
Examining data/ecere-sdk-0.44.15/samples/3D/hello3D/hello3D.ec
Examining data/ecere-sdk-0.44.15/samples/3D/materials/materials.ec
Examining data/ecere-sdk-0.44.15/samples/3D/cube2/cube2.ec
Examining data/ecere-sdk-0.44.15/samples/scanning/wiaTest/wiaTest.ec
Examining data/ecere-sdk-0.44.15/samples/net/UDPSample/udptest.ec
Examining data/ecere-sdk-0.44.15/samples/net/SocketRx/socketRx.ec
Examining data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec
Examining data/ecere-sdk-0.44.15/samples/net/eCom/mainPanel.ec
Examining data/ecere-sdk-0.44.15/samples/net/browser/browser.ec
Examining data/ecere-sdk-0.44.15/samples/net/DCOMSample/main.ec
Examining data/ecere-sdk-0.44.15/samples/net/DCOMSample/Server.ec
Examining data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec
Examining data/ecere-sdk-0.44.15/samples/net/eirc/console.ec
Examining data/ecere-sdk-0.44.15/samples/net/XMLSample/xmlSample.ec
Examining data/ecere-sdk-0.44.15/samples/net/SocketTx/socketTX.ec
Examining data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkServer/server.ec
Examining data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkClient/client.ec
Examining data/ecere-sdk-0.44.15/samples/net/smtp/smtp.ec
Examining data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec
Examining data/ecere-sdk-0.44.15/samples/net/SocketSample/socketSample.ec
Examining data/ecere-sdk-0.44.15/samples/misc/licensing/licensing.ec
Examining data/ecere-sdk-0.44.15/samples/db/EDATest/EDATest.ec
Examining data/ecere-sdk-0.44.15/samples/db/MedDB/mainForm.ec
Examining data/ecere-sdk-0.44.15/samples/db/MedDB/med.ec
Examining data/ecere-sdk-0.44.15/samples/db/MovieCollection/movieSchema.ec
Examining data/ecere-sdk-0.44.15/samples/db/MovieCollection/movieCollection.ec
Examining data/ecere-sdk-0.44.15/samples/db/MovieCollection/reports.ec
Examining data/ecere-sdk-0.44.15/samples/db/MovieCollection/allMoviesReport.ec
Examining data/ecere-sdk-0.44.15/samples/db/MovieCollection/borrowerReport.ec
Examining data/ecere-sdk-0.44.15/extras/CSVDataParser.ec
Examining data/ecere-sdk-0.44.15/extras/types/ShortDate.ec
Examining data/ecere-sdk-0.44.15/extras/types/Currency.ec
Examining data/ecere-sdk-0.44.15/extras/types/DynamicString.ec
Examining data/ecere-sdk-0.44.15/extras/types/CountryCode.ec
Examining data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec
Examining data/ecere-sdk-0.44.15/extras/base64.ec
Examining data/ecere-sdk-0.44.15/extras/tiles/astar.ec
Examining data/ecere-sdk-0.44.15/extras/tiles/sprite.ec
Examining data/ecere-sdk-0.44.15/extras/tiles/tiles.ec
Examining data/ecere-sdk-0.44.15/extras/tiles/sequence.ec
Examining data/ecere-sdk-0.44.15/extras/createLink.ec
Examining data/ecere-sdk-0.44.15/extras/sha256.ec
Examining data/ecere-sdk-0.44.15/extras/FileSystemIterator.ec
Examining data/ecere-sdk-0.44.15/extras/wia.ec
Examining data/ecere-sdk-0.44.15/extras/SMTPSocket.ec
Examining data/ecere-sdk-0.44.15/extras/md5.ec
Examining data/ecere-sdk-0.44.15/extras/fli.ec
Examining data/ecere-sdk-0.44.15/extras/Regex.ec
Examining data/ecere-sdk-0.44.15/extras/windowsShortcut.ec
Examining data/ecere-sdk-0.44.15/extras/timeTools.ec
Examining data/ecere-sdk-0.44.15/extras/html/tables.ec
Examining data/ecere-sdk-0.44.15/extras/html/HTMLView.ec
Examining data/ecere-sdk-0.44.15/extras/html/lines.ec
Examining data/ecere-sdk-0.44.15/extras/html/htmlParser.ec
Examining data/ecere-sdk-0.44.15/extras/stringTools.ec
Examining data/ecere-sdk-0.44.15/extras/CSVParser.ec
Examining data/ecere-sdk-0.44.15/extras/XMLParser.ec
Examining data/ecere-sdk-0.44.15/extras/include/dpl.h
Examining data/ecere-sdk-0.44.15/extras/include/dpl.ec
Examining data/ecere-sdk-0.44.15/extras/include/dpl.c
Examining data/ecere-sdk-0.44.15/extras/gui/layout.ec
Examining data/ecere-sdk-0.44.15/extras/gui/RoundedSquare.ec
Examining data/ecere-sdk-0.44.15/extras/gui/skins/SimSkin.ec
Examining data/ecere-sdk-0.44.15/extras/gui/IconBag.ec
Examining data/ecere-sdk-0.44.15/extras/gui/LicensesDialog.ec
Examining data/ecere-sdk-0.44.15/extras/gui/controls/PasswordBox.ec
Examining data/ecere-sdk-0.44.15/extras/gui/controls/CheckListBox.ec
Examining data/ecere-sdk-0.44.15/extras/gui/controls/SearchBox.ec
Examining data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec
Examining data/ecere-sdk-0.44.15/extras/gui/controls/StringsBox.ec
Examining data/ecere-sdk-0.44.15/extras/gui/genericEditor.ec
Examining data/ecere-sdk-0.44.15/extras/gui/GuiConfigData.ec
Examining data/ecere-sdk-0.44.15/extras/fliPlay.ec
Examining data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/shortcuts.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/freeAst.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/pass3.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/type.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/expression.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/grammar.h
Examining data/ecere-sdk-0.44.15/compiler/libec/src/output.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec
Examining data/ecere-sdk-0.44.15/compiler/libec/src/copy.ec
Examining data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec
Examining data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec
Examining data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.main.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ec.main.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/shortcuts.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/copy.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/freeAst.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/LinkList.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Container.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/AVLTree.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/ecere.main.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BinaryTree.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/OldList.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/DualPipe.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/memory.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/CustomAVLTree.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Map.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BuiltInContainer.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/List.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.main.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.main.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdlib.h
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdio.h
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdarg.h
Examining data/ecere-sdk-0.44.15/compiler/bootstrap/bsl.c
Examining data/ecere-sdk-0.44.15/installer/src/installer.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 4 - Flow Control/Lab4/lab4.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/colors/lab5colors.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 3 - Operators/Lab3/lab3.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 2 - Variables and Data Types/Lab2.4/lab2.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 2 - Variables and Data Types/Lab2.5/variables.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 1 - Getting Started/Lab1.1/helloWorld.ec
Examining data/ecere-sdk-0.44.15/installer/coursework/Chapter 1 - Getting Started/Lab1.2/form1.ec
Examining data/ecere-sdk-0.44.15/ide/src/debugger/debugFindCtx.ec
Examining data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec
Examining data/ecere-sdk-0.44.15/ide/src/debugger/process.ec
Examining data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec
Examining data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec
Examining data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec
Examining data/ecere-sdk-0.44.15/ide/src/licensing.ec
Examining data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec
Examining data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec
Examining data/ecere-sdk-0.44.15/ide/src/project/Project.ec
Examining data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec
Examining data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec
Examining data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec
Examining data/ecere-sdk-0.44.15/ide/src/IDESettings.ec
Examining data/ecere-sdk-0.44.15/ide/src/ide.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/ToolBox.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/findCtx.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/findParams.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/Designer.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/findExp.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec
Examining data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec
Examining data/ecere-sdk-0.44.15/ide/src/about.ec
Examining data/ecere-sdk-0.44.15/ide/src/documents/ModelView.ec
Examining data/ecere-sdk-0.44.15/ide/src/documents/PictureEdit.ec
Examining data/ecere-sdk-0.44.15/ide/src/panels/WatchesView.ec
Examining data/ecere-sdk-0.44.15/ide/src/panels/ThreadsView.ec
Examining data/ecere-sdk-0.44.15/ide/src/panels/OutputView.ec
Examining data/ecere-sdk-0.44.15/ide/src/panels/BreakpointsView.ec
Examining data/ecere-sdk-0.44.15/ide/src/panels/CallStackView.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/NodeProperties.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/ProjectTabSettings.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/ProjectActiveConfig.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/ActiveCompilerDialog.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec
Examining data/ecere-sdk-0.44.15/ide/src/dialogs/FontPicker.ec
Examining data/ecere-sdk-0.44.15/ide/src/OldIDESettings.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/ers.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/gui.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/MemoryEDB.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/gui/controls/FieldBox.ec
Examining data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/Firebird.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/ODBC.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.h
Examining data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c
Examining data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c
Examining data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.h
Examining data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c
Examining data/ecere-sdk-0.44.15/eda/drivers/SQLServer.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec
Examining data/ecere-sdk-0.44.15/eda/drivers/Oracle.ec
Examining data/ecere-sdk-0.44.15/ear/cmd/emear.ec
Examining data/ecere-sdk-0.44.15/ear/cmd/ear.ec
Examining data/ecere-sdk-0.44.15/ear/extract/extract.ec
Examining data/ecere-sdk-0.44.15/epj2make/epj2make.ec
FINAL RESULTS:
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:563:13: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(argv[2], 0755);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:852:16: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(argv[3], 0755);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:27774:42: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
{ "readlink", (sqlite3_syscall_ptr)readlink, 0 },
data/ecere-sdk-0.44.15/installer/coursework/Chapter 4 - Flow Control/Lab4/lab4.ec:17:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 4 - Flow Control/Lab4/lab4.ec:34:4: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 4 - Flow Control/Lab4/lab4.ec:38:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/colors/lab5colors.ec:22:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/colors/lab5colors.ec:39:4: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/colors/lab5colors.ec:43:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:22:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:39:4: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:43:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:52:4: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:56:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec:298:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(command);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec:304:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
gets(input);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:123:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:155:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:169:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int snprintf(char * , size_t, const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:897:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cppOptions + cppOptionsLen + 1, arg);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1141:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mainModuleName, sourceFileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1201:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, sourceFileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1203:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symLocation, GetSymbolsDir());
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1239:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(impFile, GetSymbolsDir());
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:99:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int vsprintf(char * , const char * , __builtin_va_list);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:107:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:109:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:111:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:120:1: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(string + strlen(string), format, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:784:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(output, nodeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BuiltInContainer.c:107:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BuiltInContainer.c:490:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Container.c:111:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Container.c:1046:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/DualPipe.c:148:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int vsnprintf(char * , size_t, const char * , __builtin_va_list);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/DualPipe.c:259:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(commandLine, sizeof (commandLine), command, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/DualPipe.c:273:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(commandLine, sizeof (commandLine), command, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:88:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:96:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:98:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:232:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:300:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d, p ? p : "");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:317:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d, p ? p : "");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1001:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(text, sizeof (text), format, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:205:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:219:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:221:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:241:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int vsnprintf(char * , size_t, const char * , __builtin_va_list);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:276:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, string + c + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:317:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, ((__runtimePlatform == 1) ? "\\" : "/"));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:324:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, ((__runtimePlatform == 1) ? "\\" : "/"));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:472:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, (float)size / (float)((float)(float)(1024 * 1024 * 1024)));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:477:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, (float)size / (float)((float)(float)(1024 * 1024)));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:482:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, (float)size / (float)1024);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:499:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / ((double)(double)(1024 * 1024) * 1024.0 * 1024.0));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:504:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (1024.0 * 1024.0 * 1024.0));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:509:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (1024.0 * 1024.0));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:514:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / 1024.0);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:779:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:783:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(output, ext);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:796:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ofRest, of);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:797:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathRest, path);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:827:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, isArchive ? file : string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1002:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, directory);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1009:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, addedPath + c);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1014:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "<%s>%s", archiveName, fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1016:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1035:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, isArchive ? file : string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1164:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, ((__runtimePlatform == 1) ? "\\" : "/"));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1219:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, directory);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1226:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, addedPath + c);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1231:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "<%s>%s", archiveName, fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1233:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1250:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathRest, path);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1251:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(toRest, to);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1262:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(destination, ((__runtimePlatform == 1) ? "\\" : "/"));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1652:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
addedLen = vsnprintf(__ecereProp___ecereNameSpace__ecere__sys__ZString_Get_string(this) + __ecerePointer___ecereNameSpace__ecere__sys__ZString->len, (__simpleStruct0 = __ecerePointer___ecereNameSpace__ecere__sys__ZString->size - 1 - __ecerePointer___ecereNameSpace__ecere__sys__ZString->len, (0 > __simpleStruct0) ? 0 : __simpleStruct0), format, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:88:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:96:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:98:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:217:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:219:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:221:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:418:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__ecereNameSpace__ecere__sys__globalSystem.logFile, where);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:496:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof (string), format, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:757:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(__ecereNameSpace__ecere__sys__globalSystem.errorBuffer, text);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:107:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:115:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:117:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:233:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:241:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:249:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:616:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, ((__runtimePlatform == 1) ? "%I64d" : "%lld"), *data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:622:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, ((__runtimePlatform == 1) ? "%I64u" : "%llu"), *data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:628:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), *data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:707:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, f);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1286:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, item->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2537:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2551:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2563:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2598:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2602:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2647:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2651:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2662:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2674:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2705:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, memberString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:113:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:121:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:125:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:478:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(language, locale);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:493:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(genericLocale, locale);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:501:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s.mo", moduleName, locale);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:503:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s.mo", locale);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:508:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s/LC_MESSAGES/%s.mo", moduleName, locale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:510:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s/LC_MESSAGES/%s.mo", locale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:515:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "locale/%s/LC_MESSAGES/%s.mo", locale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:520:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "/usr/share/locale/%s/LC_MESSAGES/%s.mo", locale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:526:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s.mo", moduleName, genericLocale);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:528:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s.mo", genericLocale);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:533:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s/LC_MESSAGES/%s.mo", moduleName, genericLocale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:535:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s/LC_MESSAGES/%s.mo", genericLocale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:540:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "locale/%s/LC_MESSAGES/%s.mo", genericLocale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:545:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "/usr/share/locale/%s/LC_MESSAGES/%s.mo", genericLocale, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:88:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:96:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:98:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:710:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:712:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:720:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:728:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:784:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
extern int system(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:806:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int vsprintf(char * , const char * , __builtin_va_list);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:2771:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, __ecereNameSpace__ecere__com__platformNames[*(int *)this]);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:4989:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(templateClassName, baseName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5301:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, (sClass == base) ? cParam->defaultArg.__anon1.__anon1.dataTypeString : base->templateArgs[id].__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5674:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass->templateClass->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5714:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon2.__anon1.member->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5720:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5730:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5733:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5910:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, templatedClass->templateArgs[id].__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6056:93: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("system", "int system(const char*)", system, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6063:105: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("strcat", "char * strcat(char *, const char *)", strcat, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6079:105: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("strcpy", "char * strcpy(char *, const char *)", strcpy, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6084:109: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("sprintf", "int sprintf(char *, const char *, ...)", sprintf, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6085:121: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("snprintf", "int snprintf(char *, uintsize, const char *, ...)", snprintf, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6086:99: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("printf", "int printf(const char *, ...)", printf, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6087:123: [4] (buffer) vsprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("vsprintf", "int vsprintf(char*, const char*, __builtin_va_list)", vsprintf, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6088:135: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("vsnprintf", "int vsnprintf(char*, uintsize, const char*, __builtin_va_list)", vsnprintf, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6369:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(noTemplateName, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6379:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, _class->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6380:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, templateParams);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:146:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:148:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:156:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:211:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int snprintf(char * , size_t, const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:1911:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(__ecereNameSpace__ecere__GetTranslatedString("ecp", "error: could not resolve value %s for enum %s in precompiler\n", (((void *)0))), expString, regClass->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2530:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param->defaultArgument->__anon1.identifier->_class->__anon1.templateParameter->identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2532:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param->defaultArgument->__anon1.identifier->_class->__anon1.__anon1.name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2538:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, param->defaultArgument->__anon1.identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2761:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cppOptions + cppOptionsLen + 1, arg);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2890:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defaultSymFile, GetSymbolsDir());
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:156:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:164:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:172:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:178:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1406:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1897:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectName, mainModuleName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2052:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2363:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2416:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(classID, "__ecereClass_%s", className);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2545:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2658:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2690:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2846:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectName, ((struct __ecereNameSpace__ecere__com__Application *)(((char *)this + sizeof(struct __ecereNameSpace__ecere__com__Module) + sizeof(struct __ecereNameSpace__ecere__com__Instance))))->argv[c + 1]);
data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdio.h:28:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE *stream, const char *format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdio.h:33:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char*, size_t, const char*, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdio.h:34:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char *str, size_t, const char *format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:183:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:198:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:200:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3049:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(templateString, symbol ? symbol->string : spec->__anon1.__anon1.name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3066:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3072:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg->__anon1.identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3079:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, typeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3090:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, arg->name->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3093:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3132:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameBuffer, _class->__anon1.__anon1.name ? _class->__anon1.__anon1.name : "");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3134:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nameBuffer, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3278:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, ((struct Specifier *)baseSpecs->first)->__anon1.__anon1.name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3368:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4846:48: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
struct ClassDef * MkClassDefAccessOverride(int access, struct Identifier * id)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4851:106: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
__ecereInstance1->type = 13, __ecereInstance1->__anon1.__anon1.id = id, __ecereInstance1->memberAccess = access, __ecereInstance1;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:142:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:157:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1490:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "__ecereDBField_%s_%s", tableName, exp->__anon1.db.id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1505:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "__ecereDBTable_%s", tableName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1520:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "__ecereDBIndex_%s_%s", tableName, exp->__anon1.db.id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1625:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tableID, "__ecereDBTable_%s", tableName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1626:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rowClassName, "Row%s", tableName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1681:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldID, "__ecereDBField_%s_%s", tableName, entry->id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1686:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameField, entry->id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1697:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "_%s", entry->id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1830:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldID, "__ecereDBField_%s_%s", tableName, entry->id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1902:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(indexID, "__ecereDBIndex_%s_%s", tableName, id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1914:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(indexID, tableID);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1921:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldID, "__ecereDBField_%s_%s", tableName, item->id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:88:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:96:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:98:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:236:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:514:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(__ecereNameSpace__ecere__GetTranslatedString("ec", ":%d:%d: warning: ", (((void *)0))), yylloc.start.line, yylloc.start.charPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:516:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof (string), format, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:1863:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(__ecereNameSpace__ecere__GetTranslatedString("ec", ":%d:%d: error: ", (((void *)0))), yylloc.start.line, yylloc.start.charPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:1865:1: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof (string), format, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c:181:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c:189:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c:191:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:166:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:168:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1671:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param->defaultArgument->__anon1.identifier->_class->__anon1.templateParameter->identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1676:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param->defaultArgument->__anon1.identifier->_class->__anon1.__anon1.name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1683:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, param->defaultArgument->__anon1.identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:189:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:197:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:199:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:318:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:320:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:556:55: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
extern struct ClassDef * MkClassDefAccessOverride(int access, struct Identifier * id);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9908:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, yyvsp[(3) - (4)].string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:88:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:96:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:98:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:372:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:376:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:554:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourceFileStack[index], fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:144:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:154:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:238:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:743:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourceFileStack[include_stack_ptr + 1], location);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:753:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, includeDir->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:764:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, includeDir->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1212:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1387:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1504:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1563:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1599:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1639:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1726:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1751:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1775:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1846:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(redefinition->name, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1847:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(redefinition->type1, data->dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1848:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(redefinition->type2, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1856:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1936:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, symbolsDir ? symbolsDir : "");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:2063:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, ((char * )((uintptr_t)(__ecereProp___ecereNameSpace__ecere__com__Iterator_Get_data(&dir)))));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:2065:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(configDir, "debug.%s", (__runtimePlatform == 1) ? "win32" : (__runtimePlatform == 3) ? "apple" : "linux");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:2079:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, symbolsDir ? symbolsDir : "");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:150:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:3242:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(origName, outputFile);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:150:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:173:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:185:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1184:65: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicExpression(struct Expression * exp, int access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1186:67: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicInitializer(struct Initializer * init, int access)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1191:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(init->__anon1.exp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1198:27: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicInitializer(i, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1204:61: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicClass(struct Symbol * classSym, int access, const char * word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1206:61: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicTypeName(struct TypeName * type, int access)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1218:28: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(classSym, access, "define");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1224:57: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicDataType(struct Type * type, int access, const char * word)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1232:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type->__anon1._class, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1244:55: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(type->__anon1.__anon2.returnType, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1246:28: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(param, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1247:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type->__anon1.__anon2.thisClass, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1251:54: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(type->__anon1.__anon4.arrayType, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1253:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type->__anon1.__anon4.enumClass, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1257:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(type->__anon1.type, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1266:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type->__anon1._class, access, word);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1273:64: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicExpression(struct Expression * exp, int access)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1287:45: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.op.exp1, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1289:45: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.op.exp2, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1296:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1303:47: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.index.exp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1305:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1312:46: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.call.exp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1316:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1322:48: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.member.exp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1327:48: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.member.exp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1331:44: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicTypeName(exp->__anon1.typeName, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1335:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicTypeName(exp->__anon1.cast.typeName, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1337:46: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.cast.exp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1344:47: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.cond.cond, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1346:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1347:50: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1.cond.elseExp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1352:47: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1._new.size, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1356:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1._renew.size, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1357:48: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp->__anon1._renew.exp, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1364:73: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(exp->__anon1.instance->_class->__anon1.__anon1.symbol, access, "define");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1373:45: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicInitializer(member->initializer, access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1431:214: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckMembersDefinitions(struct __ecereNameSpace__ecere__com__Class * regClass, struct __ecereNameSpace__ecere__com__DataMember * member, struct __ecereNameSpace__ecere__sys__OldList * definitions, int access)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1466:74: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(dataMember->dataType, (def->memberAccess == 2) ? 2 : access, __ecereNameSpace__ecere__GetTranslatedString("ec", "class data member", (((void *)0))));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1480:109: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckMembersDefinitions(regClass, member, spec->__anon1.__anon2.definitions, (def->memberAccess == 2) ? 2 : access);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1493:74: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(dataMember->dataType, (def->memberAccess == 2) ? 2 : access, __ecereNameSpace__ecere__GetTranslatedString("ec", "class data member", (((void *)0))));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1501:101: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(decl->__anon1.inst->_class->__anon1.__anon1.symbol, (def->memberAccess == 2) ? 2 : access, __ecereNameSpace__ecere__GetTranslatedString("ec", "class member instance", (((void *)0))));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1732:60: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicClass(struct Symbol * classSym, int access, const char * word)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1740:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if(classSym->isStatic && access != 3)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1975:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(structName, symbol->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2432:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, propertyDef->id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2468:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, propertyDef->id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2541:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newId, id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:185:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:189:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:193:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1556:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, ns->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2163:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, classProperty->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2173:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, classProperty->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2248:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereRegisterModule_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2281:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereUnregisterModule_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2424:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(watcherName, propID->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2515:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, nameSpace);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2516:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, regClass->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2535:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(baseName, baseType->__anon1._class->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2572:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(baseStructName, (regClass->base->templateClass ? regClass->base->templateClass : regClass->base)->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2731:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2898:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param->defaultArgument->__anon1.identifier->_class->__anon1.templateParameter->identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2900:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param->defaultArgument->__anon1.identifier->_class->__anon1.__anon1.name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2904:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, param->defaultArgument->__anon1.identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:3235:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, nameSpace);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:3236:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, regClass->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:260:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:262:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:268:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:313:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:460:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:462:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "%I64d" : "%lld"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:473:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64XLL" : "0x%llXLL"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:475:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:477:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "%I64d" : "%lld"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:486:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "%I64dLL" : "%lldLL"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:488:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "%I64d" : "%lld"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:497:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64XLL" : "0x%llXLL"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:499:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:501:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "%I64d" : "%lld"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:510:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:512:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:523:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64XLL" : "0x%llXLL"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:525:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7174:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7183:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7842:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, (fullName || !c->__anon1.registered) ? c->string : c->__anon1.registered->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7852:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->isSigned ? "int" : "uint");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7855:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->isSigned ? "int64" : "uint64");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7858:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->isSigned ? "__int128" : "unsigned __int128");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7861:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->isSigned ? "intptr" : "uintptr");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7864:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->isSigned ? "intsize" : "uintsize");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7867:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->isSigned ? "char" : "byte");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7873:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->isSigned ? "short" : "uint16");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7885:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->__anon1.__anon1.enumName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7888:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->typeName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7906:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->__anon1.__anon1.enumName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7909:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->typeName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7920:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->__anon1.__anon1.enumName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7923:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->typeName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7932:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->__anon1._class ? type->__anon1._class->string : "int");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7936:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->__anon1.templateParameter->identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8524:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(size, arrayType->__anon1.__anon4.enumClass->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8528:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8573:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type->byReference ? "typed_object&" : "typed_object");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8580:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8589:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8602:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, count);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8757:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(curName, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8759:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(curName, name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9058:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, _class->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9068:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9071:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9104:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, _class->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9114:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9117:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9262:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, ((__runtimePlatform == 1) ? "%I64d" : "%lld"), value->data);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9264:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), value->data);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11458:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, ((__runtimePlatform == 1) ? "%I64d" : "%lld"), value->data);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11460:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, ((__runtimePlatform == 1) ? "0x%I64XLL" : "0x%llXLL"), value->data);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13185:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass->templateClass->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13252:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13258:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon2.__anon1.member->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13264:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13274:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13277:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14680:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, nameID->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14683:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, number);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15430:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(iteratorType, "MapIterator<%s, %s >", _class->templateArgs[5].__anon1.__anon1.dataTypeString, _class->templateArgs[6].__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15432:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(iteratorType, "Iterator<%s, %s >", _class->templateArgs[2].__anon1.__anon1.dataTypeString, _class->templateArgs[1].__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15634:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(watcherName, propID->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16068:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16070:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16145:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16147:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16172:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16174:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17915:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(thisClassTypeString, _class->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17928:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass->templateClass->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17983:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17989:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon2.__anon1.member->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17997:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, thisClassTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17999:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18010:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18013:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18466:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass->templateClass->fullName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18521:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18527:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon2.__anon1.member->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18533:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18543:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18546:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18966:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "Container<%s>", typeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:146:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:152:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1979:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereCreateModuleInstances_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1995:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereDestroyModuleInstances_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:140:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:144:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
extern char * strcat(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:148:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
extern int sprintf(char * , const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:163:12: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char * , ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1702:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1743:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2073:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, ((__runtimePlatform == 1) ? "0x%I64XLL" : "0x%llXLL"), bitMember->mask);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2075:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), bitMember->mask);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2747:1: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(iteratorType, "Iterator<%s, %s >", _class->templateArgs[2].__anon1.__anon1.dataTypeString, _class->templateArgs[1].__anon1.__anon1.dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2814:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2962:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3741:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3775:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3844:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, ((__runtimePlatform == 1) ? "0x%I64XLL" : "0x%llXLL"), bitMember->mask);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3846:1: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, ((__runtimePlatform == 1) ? "0x%I64X" : "0x%llX"), bitMember->mask);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:4139:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(typeString, exp->expType->__anon1.templateParameter->dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:4152:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(typeString, exp->destType->__anon1.templateParameter->dataTypeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c:156:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char * strcpy(char * , const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c:183:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int fprintf(FILE * stream, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c:191:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *, size_t, const char *, va_list args);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c:193:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char * str, size_t, const char * format, ...);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:303:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cppOptions + cppOptionsLen + 1, arg);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:524:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mainModuleName, sourceFileName);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:573:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, sourceFileName);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:576:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symLocation, GetSymbolsDir());
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:641:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(impFile, GetSymbolsDir());
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:689:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param.defaultArgument.identifier._class.templateParameter.identifier.string);
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:691:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param.defaultArgument.identifier._class.name);
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:698:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, param.defaultArgument.identifier.string);
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:825:16: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"error: could not resolve value %s for enum %s in precompiler\n", expString, regClass.name);
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1385:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cppOptions + cppOptionsLen + 1, arg);
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1512:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defaultSymFile, GetSymbolsDir());
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:263:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectName, mainModuleName);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:408:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule.name);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:522:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule.name);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:561:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(classID, "__ecereClass_%s", className);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:672:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule.name);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:724:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule.name);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:751:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, defModule.name);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1061:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1676:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectName, argv[c+1]);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1360:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(templateString, symbol ? symbol.string : spec.name);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1398:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1404:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.identifier.string);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1410:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, typeString);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1420:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, arg.name.string);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1423:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1478:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, name);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1696:46: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ClassDef MkClassDefAccessOverride(AccessMode access, Identifier id)
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1698:68: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return { type = accessOverrideClassDef, id = id, memberAccess = access };
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1805:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameBuffer, _class.name ? _class.name : "");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1807:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nameBuffer, name);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1857:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, ((Specifier)baseSpecs.first).name);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:173:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "__ecereDBField_%s_%s", tableName, exp.db.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:187:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "__ecereDBTable_%s", tableName);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:201:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "__ecereDBIndex_%s_%s", tableName, exp.db.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:735:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tableID, "__ecereDBTable_%s", tableName);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:737:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rowClassName, "Row%s", tableName);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:804:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldID, "__ecereDBField_%s_%s", tableName, entry.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:811:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameField, entry.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:822:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "_%s", entry.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:993:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldID, "__ecereDBField_%s_%s", tableName, entry.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1090:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(indexID, "__ecereDBIndex_%s_%s", tableName, id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1104:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(indexID, tableID);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1112:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldID, "__ecereDBField_%s_%s", tableName, item.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1685:10: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($":%d:%d: error: ", yylloc.start.line, yylloc.start.charPos);
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1688:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1733:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($":%d:%d: warning: ", yylloc.start.line, yylloc.start.charPos);
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1736:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/compiler/libec/src/expression.ec:2995:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:525:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param.defaultArgument.identifier._class.templateParameter.identifier.string);
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:530:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param.defaultArgument.identifier._class.name);
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:538:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, param.defaultArgument.identifier.string);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:11079:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:20023:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, (yyvsp[(3) - (4)].string));
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:1284:72: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
public void SetSomeSourceFileStack(const char * fileName, int index) { strcpy(sourceFileStack[index], fileName); }
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:125:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:243:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, name);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:358:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:414:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:448:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:468:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:552:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:574:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:595:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:668:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(redefinition.name, name);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:669:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(redefinition.type1, data.dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:670:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(redefinition.type2, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:678:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, line);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:756:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, symbolsDir ? symbolsDir : "");
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:873:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, dir);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:876:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(configDir, "debug.%s", (__runtimePlatform == win32) ? "win32" : (__runtimePlatform == apple) ? "apple" : "linux");
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:891:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symFile, symbolsDir ? symbolsDir : "");
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:936:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourceFileStack[include_stack_ptr + 1], location);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:946:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, includeDir.name);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:957:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, includeDir.name);
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:1191:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(origName, outputFile);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:98:58: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicClass(Symbol classSym, AccessMode access, const char * word)
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:106:31: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if(classSym.isStatic && access != staticAccess)
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:121:59: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicTypeName(TypeName type, AccessMode access)
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:133:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(classSym, access, "define");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:139:65: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicInitializer(Initializer init, AccessMode access)
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:144:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(init.exp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:150:39: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicInitializer(i, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:156:62: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicExpression(Expression exp, AccessMode access)
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:170:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.op.exp1, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:172:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.op.exp2, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:178:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:184:50: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.index.exp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:186:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:192:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.call.exp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:196:44: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:202:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.member.exp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:207:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.member.exp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:211:47: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicTypeName(exp.typeName, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:215:52: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicTypeName(exp.cast.typeName, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:217:52: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.cast.exp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:223:50: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.cond.cond, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:225:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(e, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:226:53: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp.cond.elseExp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:231:50: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp._new.size, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:235:52: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp._renew.size, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:236:51: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicExpression(exp._renew.exp, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:242:100: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(exp.instance._class.symbol/*FindClass(exp.instance._class.name)*/, access, "define");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:250:65: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicInitializer(member.initializer, access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:260:55: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckPublicDataType(Type type, AccessMode access, const char * word)
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:268:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type._class, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:291:50: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(type.returnType, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:293:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(param, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:294:46: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type.thisClass, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:298:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(type.arrayType, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:300:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type.enumClass, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:304:44: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(type.type, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:314:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(type._class, access, word);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:321:104: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void CheckMembersDefinitions(Class regClass, DataMember member, OldList definitions, AccessMode access)
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:352:124: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(dataMember.dataType, (def.memberAccess == privateAccess) ? privateAccess : access, $"class data member");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:366:142: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckMembersDefinitions(regClass, member, spec.definitions, (def.memberAccess == privateAccess) ? privateAccess : access);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:378:127: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicDataType(dataMember.dataType, (def.memberAccess == privateAccess) ? privateAccess : access, $"class data member");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:386:149: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CheckPublicClass(decl.inst._class.symbol /*FindClass(decl.inst._class.name)*/, (def.memberAccess == privateAccess) ? privateAccess : access, $"class member instance");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:711:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(structName, symbol.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1296:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, propertyDef.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1375:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, propertyDef.id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1478:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newId, id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:292:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereRegisterModule_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:328:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereUnregisterModule_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:856:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, classProperty.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:867:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, classProperty.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:888:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, ns.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1016:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(watcherName, propID.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1109:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, nameSpace);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1110:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, regClass.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1138:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(baseName, baseType._class.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1181:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(baseStructName, (regClass.base.templateClass ? regClass.base.templateClass : regClass.base).fullName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1404:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1601:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param.defaultArgument.identifier._class.templateParameter.identifier.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1603:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, param.defaultArgument.identifier._class.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1608:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memberString, param.defaultArgument.identifier.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1970:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, nameSpace);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1971:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, regClass.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:206:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEX /*"0x%I64XLL"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:208:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64D /*"%I64d"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:218:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEXLL /*"0x%I64X"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:220:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEX /*"0x%I64X"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:222:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64D /*"%I64d"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:230:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64DLL /*"%I64d"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:232:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64D /*"%I64d"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:240:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEXLL /*"0x%I64XLL"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:242:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEX /*"0x%I64XLL"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:244:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64D /*"%I64d"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:252:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEX /*"0x%I64xLL"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:254:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEX /*"0x%I64x"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:264:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEXLL /*"0x%I64xLL"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:266:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, FORMAT64HEX /*"0x%I64x"*/, result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1849:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass.templateClass.fullName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1919:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1926:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.member.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1932:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1941:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1944:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2099:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, nameID.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2102:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, number);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2579:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, _class.fullName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2588:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2591:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2620:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, _class.fullName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2630:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2633:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, param.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:3462:28: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, FORMAT64D, value.data);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:3464:28: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, FORMAT64HEXLL, value.data);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6929:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(curName, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6931:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(curName, name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6987:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(size, arrayType.enumClass.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6991:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, size);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7016:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, (fullName || !c.registered) ? c.string : c.registered.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7023:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case intType: strcat(string, type.isSigned ? "int" : "uint"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7024:27: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case int64Type: strcat(string, type.isSigned ? "int64" : "uint64"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7025:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case int128Type: strcat(string, type.isSigned ? "__int128" : "unsigned __int128"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7026:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case intPtrType: strcat(string, type.isSigned ? "intptr" : "uintptr"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7027:29: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case intSizeType: strcat(string, type.isSigned ? "intsize" : "uintsize"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7028:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case charType: strcat(string, type.isSigned ? "char" : "byte"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7030:26: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case shortType: strcat(string, type.isSigned ? "short" : "uint16"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7037:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.enumName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7040:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.typeName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7057:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.enumName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7060:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.typeName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7071:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.enumName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7074:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.typeName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7083:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type._class ? type._class.string : "int");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7087:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.templateParameter.identifier.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7104:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7109:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7191:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.byReference ? "typed_object&" : "typed_object");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7197:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7202:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7215:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, count);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7321:22: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, FORMAT64D, value.data);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7323:22: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(constant, FORMAT64HEX, value.data);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8066:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8068:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8125:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8127:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8151:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, thisNameSpace);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8153:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10115:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(thisClassTypeString, _class.fullName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10130:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass.templateClass.fullName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10189:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10196:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.member.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10204:43: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, thisClassTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10206:43: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10216:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10219:34: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10751:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass.templateClass.fullName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10810:40: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, expString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10817:40: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.member.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10823:43: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10832:40: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10835:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11285:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "Container<%s>", typeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12599:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(iteratorType, "MapIterator<%s, %s >", _class.templateArgs[5].dataTypeString, _class.templateArgs[6].dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12601:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(iteratorType, "Iterator<%s, %s >", _class.templateArgs[2].dataTypeString, _class.templateArgs[1].dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12872:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(watcherName, propID.string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:31:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereCreateModuleInstances_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:48:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(registerName, "__ecereDestroyModuleInstances_%s", moduleName);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:246:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:297:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:675:29: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, FORMAT64HEXLL, bitMember.mask);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:677:29: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, FORMAT64HEX, bitMember.mask);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1612:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(iteratorType, "Iterator<%s, %s >", _class.templateArgs[2].dataTypeString, _class.templateArgs[1].dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1687:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1879:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2835:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2871:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.name);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2944:22: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, FORMAT64HEXLL, bitMember.mask);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2946:22: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(mask, FORMAT64HEX, bitMember.mask);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3295:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(typeString, exp.expType.templateParameter.dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3310:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(typeString, exp.destType.templateParameter.dataTypeString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass3.ec:1419:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/compiler/libec/src/type.ec:3414:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:84:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(d, "%s<a href=\"api://%p\" style=\"text-decoration: none;\">%s</a>", !strncmp(curName, "const ", 6) ? "const " : "", pc, pc.name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:86:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(d, curName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:102:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, curName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:123:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type._class.string);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:132:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, hex);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:138:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, n);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:141:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type._class.registered.name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:145:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type._class.string);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:188:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case intType: strcat(string, type.isSigned ? "int" : "uint"); break;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:189:27: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case int64Type: strcat(string, type.isSigned ? "int64" : "uint64"); break;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:190:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case charType: strcat(string, type.isSigned ? "char" : "byte"); break;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:191:26: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
case shortType: strcat(string, type.isSigned ? "short" : "uint16"); break;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:198:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.enumName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:202:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.typeName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:224:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.enumName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:228:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.typeName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:240:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.enumName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:244:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.typeName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:265:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:271:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:329:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(size, arrayType.enumClass.string);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:338:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, baseType);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:339:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, size);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:366:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type._class ? type._class.string : "int");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:375:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, type.name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:506:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, hex);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:509:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, hex);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:512:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, hex);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:570:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ns->name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:572:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, nsName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:573:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsName, temp);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:592:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, ideSettings.docDir);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:807:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ns->name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:809:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, nsName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:810:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsName, temp);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:827:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ns->name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:829:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, nsName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:830:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsName, temp);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1037:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ns->name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1039:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, nsName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1040:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsName, temp);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1498:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ns->name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1500:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, nsName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1501:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsName, temp);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1732:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ns->name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1734:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, nsName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1735:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsName, temp);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1949:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nsName, parentName ? parentName : "");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1954:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nsName, nameSpace->name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2654:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(docDir, ideSettings.docDir);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2742:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, editString);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3254:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(editString, href + 7);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4674:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d, swap);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:102:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(writeTestFilePath, "%s/_", docFilePath);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:299:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, fileName);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:373:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<%s>", oldDocFilePath);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:399:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(docFilePath, old ? "%s%s%s.eCdoc" : "%s%s%s", includeDir ? docDir : "", includeDir ? "/" : "",
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:410:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, path);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:436:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, path);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:496:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:60:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, directory);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:62:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:64:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:72:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, directory);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:76:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:78:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:84:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, $"\n Modified: ");
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:85:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, timeString);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:118:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, outputFile);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:128:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rest, afterSlash);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:145:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:264:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(existingFilePath, "<%s>", archiveName);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:288:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputRest, outputDirectory);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:289:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourceRest, source);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:529:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(archivePath, "<%s>", argv[2]);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:581:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, archivePath);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:610:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, archivePath);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:611:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, argv[c]);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:616:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputFile, argv[argc-1]);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:622:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rest, afterSlash);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:638:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputFile, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:677:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(directory, argv[argc-1]);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:734:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, archivePath);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:767:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, archivePath);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:782:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, archivePath);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:805:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(existingFilePath, archivePath);
data/ecere-sdk-0.44.15/ear/cmd/emear.ec:19:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "ear aw %s", f);
data/ecere-sdk-0.44.15/ear/cmd/emear.ec:27:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, argv[i]);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:35:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, outputFile);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:45:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rest, afterSlash);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:62:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:226:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, directory);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:228:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:230:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:248:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, directory);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:252:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:254:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, DIR_SEPS);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:296:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(archive, argv[1]);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:297:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(archivePath, "<%s>", archive);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:298:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, $"ECERE Archive - %s", argv[1]);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:304:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(title, $"ECERE Self-Extractable Archive");
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:14:4: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(string+strlen(string),format,args);
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:579:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(output, nodeString);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:60:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, string+c+1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:100:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:108:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:207:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, isArchive ? file : string);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:342:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, "/" /*DIR_SEPS*/);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:395:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, directory);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:402:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, addedPath+c);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:407:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "<%s>%s", archiveName, fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:409:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:427:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, isArchive ? file : string);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:562:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:620:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, directory);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:627:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, addedPath+c);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:632:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "<%s>%s", archiveName, fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:634:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(string, fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:652:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathRest, path);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:653:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(toRest, to);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:666:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(destination, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:701:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, string);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:705:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(output, ext);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:718:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (float)(1024 * 1024 * 1024));
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:723:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (float)(1024 * 1024));
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:728:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (float)1024);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:744:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (1024 * 1024 * 1024.0 * 1024.0));
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:749:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (1024.0 * 1024.0 * 1024.0));
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:754:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / (1024.0 * 1024.0));
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:759:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, size / 1024.0);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1151:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ofRest, of);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1152:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathRest, path);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1270:21: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
addedLen = vsnprintf(string + len, Max(0, size - 1 - len), format, args);
data/ecere-sdk-0.44.15/ecere/src/com/containers/BuiltInContainer.ec:125:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, result);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Container.ec:270:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:227:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, item.name);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:632:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:647:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:658:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:690:39: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(result) strcat(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:694:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:723:42: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(result) strcat(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:727:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:742:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memberString, result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:774:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, name);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:806:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, memberString);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1618:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, FORMAT64D, *data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1624:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, FORMAT64U, *data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1630:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, FORMAT64HEX, *data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2037:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, format, f);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:239:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, path);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:273:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(exeName, name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:307:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, path);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:321:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, path);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:360:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, path);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:388:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if(!access("/proc/curproc/file", F_OK))
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:395:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, env);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:400:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, exeLocation);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:460:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:484:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, libLocation ? libLocation : "");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:487:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:505:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, paths[attempts++]);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:510:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, DEB_HOST_MULTIARCH);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:516:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:540:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, libLocation ? libLocation : "");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:543:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:122:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(...) ((void)__android_log_print(ANDROID_LOG_VERBOSE, "ecere-app", __VA_ARGS__))
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2083:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2696:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(templateClassName, baseName);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3437:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(noTemplateName, name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3447:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, _class.fullName);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3448:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, templateParams);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3865:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(templateString, "%s<", expClass.templateClass.fullName);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3920:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.member.name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3926:40: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(argument, arg.dataTypeString);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3935:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, param.name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3938:34: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(templateString, argument);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:4108:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, templatedClass.templateArgs[id].dataTypeString);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:4667:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(allocateClass, _class.name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6549:66: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
eSystem_RegisterFunction("system", "int system(const char*)", system, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6558:78: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
eSystem_RegisterFunction("strcat", "char * strcat(char *, const char *)", strcat, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6586:78: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
eSystem_RegisterFunction("strcpy", "char * strcpy(char *, const char *)", strcpy, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6593:82: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
eSystem_RegisterFunction("sprintf", "int sprintf(char *, const char *, ...)", sprintf, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6594:94: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
eSystem_RegisterFunction("snprintf", "int snprintf(char *, uintsize, const char *, ...)", snprintf, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6595:72: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
eSystem_RegisterFunction("printf", "int printf(const char *, ...)", printf, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6596:96: [4] (buffer) vsprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
eSystem_RegisterFunction("vsprintf", "int vsprintf(char*, const char*, __builtin_va_list)", vsprintf, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6597:108: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
eSystem_RegisterFunction("vsnprintf", "int vsnprintf(char*, uintsize, const char*, __builtin_va_list)", vsnprintf, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6755:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, (sClass == base) ? cParam.defaultArg.dataTypeString : base.templateArgs[id].dataTypeString);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6846:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, platformNames[this]);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7418:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7429:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7465:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s (%d bytes): %d instances (%.02f mb used)\n", _class ? _class.name : "(none)", (int)size, c, totalSize);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7466:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7472:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7474:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7477:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7481:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:22:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, s);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:86:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s/.%s", folder ? folder : ":skycube", extension ? extension : "pcx");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:87:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(materialName, "SKYBOX %s", name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:137:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s/%s.%s", folder ? folder : ":skycube", faceNames[c], extension ? extension : "pcx");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:138:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(materialName, "SKYBOX %s - %s", faceNames[c], name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:222:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*string, temp);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:745:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(matName, info->fileName);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:748:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(matName, name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1085:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, info->textureDirectory);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1091:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, info->textureDirectory);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1095:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(bumpName, location);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1134:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(specName, location);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1261:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(matName, info->fileName);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1263:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(matName, name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1361:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(targetName, object.name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1516:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(targetName, name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1839:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(object.name, "%s.%s", model.name, block.dummyName);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1926:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(object.name, "%s.%s", model.name, block.dummyName);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1975:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(targetName, block.name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1994:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(object.name, "%s.%s", model.name, block.dummyName);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2068:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(object.name, "%s.%s", model.name, block.dummyName);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2117:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(targetName, block.name);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2137:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(object.name, "%s.%s", model.name, block.dummyName);
data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec:960:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, names[i]);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:84:40: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(stringOutput, "r = "); strcat(stringOutput, colorValue);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:92:42: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(stringOutput, ", g = "); strcat(stringOutput, colorValue);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:100:42: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(stringOutput, ", b = "); strcat(stringOutput, colorValue);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:619:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.AddField(sysColorField);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:620:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.AddField(sysColorName);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:679:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ListBox system
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:746:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.visible = false;
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:767:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.visible = true;
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:768:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
listBox = system;
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:790:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, item.name);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:808:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.Clear();
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:811:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
DataRow row = system.AddRow();
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:813:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, item.name);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:825:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.currentRow = currentRow;
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:830:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.visible = true;
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:832:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
listBox = system;
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:836:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.visible = false;
data/ecere-sdk-0.44.15/ecere/src/gfx/DisplaySystem.ec:272:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(item.name, name);
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:320:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(text, sizeof(text), format, args);
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:337:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(text, sizeof(text), format, args);
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:396:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(text, sizeof(text), format, args);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/CocoaOpenGLDisplayDriver.ec:132:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
displaySystem.driverData = system;
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/GDIDisplayDriver.ec:864:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(font.faceName, faceName);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec:30:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(...) ((void)__android_log_print(ANDROID_LOG_VERBOSE, "ecere-app", __VA_ARGS__))
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec:4214:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return system.glrc;
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec:4219:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return (void *)system.glc;
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec:4222:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return system.glContext;
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/gl_compat_4_4.c:20:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symbolName+1, (const char*)name);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec:253:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-dump.c:65:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stream, format, list);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-indic.c:1145:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, msg, ap);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-indic.c:1151:22: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define IDEBUG if(0) printf
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-khmer.c:304:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define KHDEBUG if(0) printf
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-myanmar.c:187:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define MMDEBUG if(0) printf
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-shaper.c:867:15: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG printf
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-shaper.c:869:29: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG if (1) ; else printf
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-stream.c:43:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf( stderr, format, ap );
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:71:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, fontFileName);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:110:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(linkCfgPath, ecereFonts);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:115:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, faceName);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:119:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, ecereFonts);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:130:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, ecereFonts);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:141:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, faceName);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:151:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, faceName);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:169:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(logFont.lfFaceName, faceName);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:241:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, fileName2);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:337:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, ecereFonts);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:373:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, fileName2);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:844:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.faceName, faceName);
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:188:109: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "left = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:195:112: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "horz = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:200:108: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "top = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:204:110: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "right = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:211:112: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "vert = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:216:111: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "bottom = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/GuiApplication.ec:203:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(appName, $"ECERE Application");
data/ecere-sdk-0.44.15/ecere/src/gui/GuiApplication.ec:1530:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(appName, value);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:919:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(caption, this.caption);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:924:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(caption, fileName);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:929:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(caption, title);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:944:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(caption, activeClient.caption);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:951:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(caption, activeClient.fileName);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:956:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(caption, title);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:2621:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%d %s", id+1, caption);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:7341:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(caption, sizeof(caption), format, args);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:7558:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(message, $"Save changes to %s?", fileName);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:7560:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(message, $"Save changes to Untitled %d?", documentID);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:8456:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(caption, value);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10084:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(className, "%sSkin_%s", name, c.name);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/DropBox.ec:262:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:1118:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(searchString, dialog.searchString);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:1150:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(replaceString, replace);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:1151:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(searchString, dialog.searchString);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5628:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(temp, sizeof(temp), format, args);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5647:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(temp, sizeof(temp), format, args);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:789:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1478:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format ? format : "", args);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:94:29: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(value.ctrl) strcat(accelString, $"Ctrl+");
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:95:29: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(value.alt) strcat(accelString, $"Alt+");
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:96:29: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(value.shift) strcat(accelString, $"Shift+");
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:112:27: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if(result) strcpy(accelString + len, result);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:125:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newText, accelString);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:323:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, text);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:432:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, text);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/StatusBar.ec:256:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(tempText, sizeof(tempText), format, args);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:317:43: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
property const char * filePath { set { strcpy(filePath, value); } get { return (char *)filePath; } };
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:768:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*selectedFileName, name);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:772:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*selectedFileName, fileName->name);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:801:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*selectedFileName, fileName->name);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:913:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, $"All Files");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:941:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, extension);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:945:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat((char *)customFilter.extensions, extension);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:994:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selection.data, currentFileName);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1018:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(currentFileName, currentDirectory);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1025:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(currentDirectory, currentFileName);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1033:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*path, currentFileName);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1062:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, currentDirectory);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1069:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(currentDirectory, filePath);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1157:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, dirOccur);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1160:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, filePath);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1233:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selectedFileName, fileName);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1270:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selectedFileName, fileName);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1567:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newDirPath, currentDirectory);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec:158:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(contents, $"%d occurrences found, %d replaced", entriesFound, entriesReplaced);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec:355:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(contents, $"%d occurrences found, %d replaced", entriesFound, entriesReplaced);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:28:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(...) ((void)__android_log_print(ANDROID_LOG_INFO, "ecere-app", __VA_ARGS__))
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:855:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(clipBoard.text, clipBoardData);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:941:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mod, "%s%s.so", loc, a.argv[0]);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:951:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(loc, "/data/%s/com.ecere.%s-%d/lib/%s/lib", useApp ? "app" : "data", a.argv[0], i, useArch ? arch : "");
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:953:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(loc, "/data/%s/com.ecere.%s/lib/%s/lib", useApp ? "app" : "data", a.argv[0], useArch ? arch : "");
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:954:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mod, "%s%s.so", loc, a.argv[0]);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/EmscriptenInterface.ec:19:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define sflnprintf(format,...) printf("%s:% 5d: " format, __FILE__, __LINE__, ##__VA_ARGS__)
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:3399:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(clipBoard.text, clipBoardData);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:71:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(address, server.address);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:376:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(server, serverStart);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:380:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(relocation, http ? "http://" : "https://");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:381:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(relocation, server);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:516:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msg, askBody ? "GET /" : "HEAD /");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:542:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, server);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:550:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, referer);
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:490:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(packet.fileName, fileName);
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:102:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(socket.inetAddress, inet_ntoa(socket.a.sin_addr));
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:178:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inetAddress, inet_ntoa(this.a.sin_addr));
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:395:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:576:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.address, address);
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:677:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inetAddress, inet_ntoa(this.a.sin_addr));
data/ecere-sdk-0.44.15/ecere/src/net/network.ec:287:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inetAddress, inet_ntoa(*((IN_ADDR *)host->h_addr)));
data/ecere-sdk-0.44.15/ecere/src/net/network.ec:305:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(hostName, host->h_name);
data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec:111:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(stringOutput, "%s, %s %2d, %d",
data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec:124:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(stringOutput, "%s, %s %2d, %d",
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:381:19: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(execvp(tokens[0], (char **)tokens) < 0)
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.ec:78:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(commandLine, sizeof(commandLine), command, args);
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.ec:98:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(commandLine, sizeof(commandLine), command, args);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:100:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:112:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:210:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameRest, name);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:213:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:393:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:782:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:866:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, name);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:868:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:888:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, name);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:890:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:939:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, name);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:941:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namePart, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1365:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, name);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1372:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, archive + 1);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1445:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn, archive + 1);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1502:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, fileName);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1523:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(d.path, "<%s>%s", archive, name);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1540:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file.path, d.path);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1574:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file.path, d.path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:287:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if(!access(fileName, F_OK))
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:389:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, name);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:393:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "<%s>%s", archive, fileName);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:461:19: [4] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
wcscat(dir, _wdirectory);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:471:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parent, utf8);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:476:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parent, directory);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:483:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parent, directory);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:530:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(directory, shareName);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:541:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parent, directory);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:548:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parent, directory);
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:553:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, parent);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:585:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(text, sizeof(text), format, args);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1218:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d.name, path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1241:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file.name, "%s [%s]", file.path, volume);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1246:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file.name, file.path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1269:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file.path, path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1285:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d.name, path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1306:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d.name, path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1424:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file.path, path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1426:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(file.path, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1428:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file.name,de->d_name);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1429:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(file.path, file.name);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1438:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d.name, path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1465:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subclass(FileSystem) system;
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1509:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(system)
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1511:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(system.FindNext(this))
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1568:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s [%s]", path, volume);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1573:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, path);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1602:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, d.name);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1702:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,de->d_name);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1703:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, d.name);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1705:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1706:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, name);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1730:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(system)
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1731:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system.CloseDir(this);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1791:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, template);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1796:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempFileName, buffer);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1819:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, template);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1824:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempFileName, buffer);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1866:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d, p ? p : "");
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1874:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d, p ? p : "");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:188:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, settingsLocation);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:204:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, home);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:216:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, profile);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:227:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, homedrive);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:247:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, allUsers);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:296:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, settingsName);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:299:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, settingsName);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:305:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, extension);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:655:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputLine, name);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:668:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outputLine, item.data);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:679:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outputLine, value);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:686:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(outputLine, integer);
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:776:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(className, br);
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1263:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer, __runtimePlatform == win32 ? "0x%016I64X" : "0x%016llX", value.ui64);
data/ecere-sdk-0.44.15/ecere/src/sys/Mutex.ec:6:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(...) ((void)__android_log_print(ANDROID_LOG_VERBOSE, "ecere-app", __VA_ARGS__))
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:155:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(location, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:156:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(location, directory);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:207:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(location, DIR_SEPS);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:208:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(location, directory);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:309:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(commandLine, sizeof(commandLine)-1, command, args);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:315:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system(commandLine) != -1;
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:348:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(filePath+1, sizeof(filePath)-2,fileName, args);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:350:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(filePath, sizeof(filePath), fileName, args);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:368:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "ede-open \"%s\" &", filePath);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:373:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "gnome-open \"%s\" &", filePath);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:375:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "kde-open \"%s\" &", filePath);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:377:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "xdg-open \"%s\" &", filePath);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:380:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(command[0] && system(command) != -1)
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:398:18: [4] (shell) ShellExecute:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if((void *)ShellExecute(null, null, _wfilePath, null, _wcurDir, SW_SHOWNORMAL) > (void *)32)
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:259:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:298:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(globalSystem.errorBuffer, text);
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:311:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(globalSystem.errorBuffer);
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:315:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "%s - Error Log", guiApp.appName);
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:367:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(globalSystem.logFile, where);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:226:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, temp);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:233:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, temp);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:239:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, temp);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:244:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, temp);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:684:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(stringOutput, "%s %s %2d %2d:%02d:%02d %s %04d",
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:56:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(language, locale);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:71:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(genericLocale, locale);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:80:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s.mo", moduleName, locale);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:82:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s.mo", locale);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:87:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s/LC_MESSAGES/%s.mo", moduleName, locale, name);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:89:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s/LC_MESSAGES/%s.mo", locale, name);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:94:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "locale/%s/LC_MESSAGES/%s.mo", locale, name);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:99:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "/usr/share/locale/%s/LC_MESSAGES/%s.mo", locale, name);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:107:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s.mo", moduleName, genericLocale);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:109:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s.mo", genericLocale);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:114:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "<:%s>locale/%s/LC_MESSAGES/%s.mo", moduleName, genericLocale, name);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:116:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":locale/%s/LC_MESSAGES/%s.mo", genericLocale, name);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:121:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "locale/%s/LC_MESSAGES/%s.mo", genericLocale, name);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:126:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, "/usr/share/locale/%s/LC_MESSAGES/%s.mo", genericLocale, name);
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:26:4: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(msg, format, args);
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:236:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ddl, "CREATE DATABASE IF NOT EXISTS %s", name); // [[DEFAULT] CHARACTER SET, [[DEFAULT] COLLATE]]
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:374:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ddl, "CREATE TABLE IF NOT EXISTS %s (a INT);", query);
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:407:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sql, "SELECT * FROM %s", query);
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:430:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sql, "SHOW COLUMNS FROM %s", query);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:35:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "host=%s ", ds.host), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:35:43: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
sprintf(t, "host=%s ", ds.host), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:37:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "port=%s ", ds.port), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:37:43: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
sprintf(t, "port=%s ", ds.port), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:39:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "user=%s ", ds.user), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:39:43: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
sprintf(t, "user=%s ", ds.user), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:41:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "password=%s ", ds.pass), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:41:47: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
sprintf(t, "password=%s ", ds.pass), strcat(r, t);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:112:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dbLocator, "%s dbname=%s ", locator, name);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:184:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "SELECT * FROM %s;", name);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:148:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "Host=%s", ds.host), strcat(s, t);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:148:42: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
sprintf(t, "Host=%s", ds.host), strcat(s, t);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:151:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "Port=%s", ds.port), strcat(s, t);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:151:42: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
sprintf(t, "Port=%s", ds.port), strcat(s, t);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:154:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "SID=%s", name), strcat(s, t);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:154:38: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
sprintf(t, "SID=%s", name), strcat(s, t);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:298:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT Name, Type, Length FROM EDA_TABLE_FIELDS WHERE UPPER(Table_Name)=UPPER('%s')", name);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:321:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT Name, Type, Length FROM EDA_TABLE_FIELDS WHERE UPPER(Table_Name)=UPPER('%s')", name);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:566:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT COUNT(*) FROM %s", name);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:597:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullOrder, field.name);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:612:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(order, fIndex->field.name);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:615:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullOrder, order);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:631:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, specialStatement);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:637:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT * FROM %s %s", name, order);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1056:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "INSERT INTO %s (%s) VALUES (%i)", tableName, primaryKeyName, id);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1061:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "INSERT INTO %s (%s) SELECT MAX(CAST(%s AS INTEGER)) + 1 FROM %s",
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1122:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "DELETE %s WHERE %s = %s", tableName, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1270:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = '%i' WHERE %s = %s", tableName, fieldName, (int64)data, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1276:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = '%i' WHERE %s = %s", tableName, fieldName, (int)data, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1282:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = '%i' WHERE %s = %s", tableName, fieldName, (uint16)data, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1289:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = '%d' WHERE %s = %s", tableName, fieldName, (double)data, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1291:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = '%d' WHERE %s = %s", tableName, fieldName, (float)data, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1298:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = '%i' WHERE %s = %s", tableName, fieldName, (uint16)data, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1303:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = '%s' WHERE %s = %s", tableName, fieldName, (char *)data, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1322:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = TO_DATE('%s', 'YYYY-MM-DD') WHERE %s = %s", tableName, fieldName, date, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1324:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE %s SET %s = NULL WHERE %s = %s", tableName, fieldName, primaryKeyName, primaryKeyValue);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:113:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"EDASQLite: Can't open database (%s): %s\n", path, sqlite3_errmsg(db));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:235:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT Name, Type, Length FROM eda_table_fields WHERE Table_Name='%s';", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:252:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT Name FROM eda_table_fields WHERE Table_Name='%s';", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:259:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT sql FROM sqlite_master WHERE type='table' AND name='%s';", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:314:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "INSERT INTO eda_table_fields (Table_Name, Name, Type, Length) VALUES ('%s', '%s', '%s', %d);", name,
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:334:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT Name, Type, Length FROM eda_table_fields WHERE Table_Name='%s';", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:876:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "CREATE TABLE `%s`(%s %s COLLATE NOCASE);", name, fieldName, dataType);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:878:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "CREATE TABLE `%s`(%s %s COLLATE '%s');", name, fieldName, dataType, type.fullName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:883:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "CREATE TABLE `%s`(`%s` %s PRIMARY KEY);", name, fieldName, dataType);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:885:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "CREATE TABLE `%s`(`%s` %s REFERENCES `%s`(`%s`));", name, fieldName, dataType, refTable.name, idField.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:888:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "CREATE TABLE `%s`(`%s` %s);", name, fieldName, dataType);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:898:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "ALTER TABLE `%s` ADD `%s` %s COLLATE NOCASE;", name, fieldName, dataType);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:900:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "ALTER TABLE `%s` ADD `%s` %s COLLATE `%s`;", name, fieldName, dataType, type.fullName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:907:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "ALTER TABLE `%s` ADD `%s` %s PRIMARY KEY;", name, fieldName, dataType);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:910:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "ALTER TABLE `%s` ADD `%s` %s REFERENCES `%s`(`%s`);", name, fieldName, dataType, refTable.name, idField.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:913:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "ALTER TABLE `%s` ADD `%s` %s;", name, fieldName, dataType);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:918:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "INSERT INTO eda_table_fields (Table_Name, Name, Type, Length) VALUES ('%s', '%s', '%s', %d);", name,
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:963:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:971:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, fieldIndexes[c].field.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:975:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, fieldIndexes[c].memberField.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:977:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, (fieldIndexes[c].order == ascending) ? "+" : "-");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:983:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "CREATE INDEX IF NOT EXISTS `%s` ON `%s` (", indexName, name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:987:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(columnName, "`%s` %s", fieldIndexes[c].field.name, (fieldIndexes[c].order == ascending) ? "ASC" : "DESC");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:989:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, columnName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1024:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT COUNT(*) FROM `%s`;", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1053:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(order, fIndex->field.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1056:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullOrder, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1075:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, specialStatement);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1081:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s` WHERE ROWID = ?;", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1084:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "INSERT INTO `%s` DEFAULT VALUES;", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1087:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "INSERT INTO `%s` (ROWID) VALUES(?);", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1090:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "DELETE FROM `%s` WHERE ROWID = ?;", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1093:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s` WHERE ROWID < ? ORDER BY ROWID DESC LIMIT 1;", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1096:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s` WHERE ROWID > ? ORDER BY ROWID LIMIT 1;", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1099:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT MAX(ROWID), * FROM `%s`", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1107:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s`%s;", name, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1111:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID FROM `%s` WHERE ROWID > ?", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1114:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE `%s` SET ROWID = ? WHERE ROWID = ?", name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1411:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(where, fIndex->field.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1413:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(where, (fIndex->order == ((move == next) ? descending : ascending)) ? "<" : ">");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1415:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(where, fIndex->field.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1419:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, where);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1421:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, gotPrimaryKey ? "1)" : ((move == next) ? "ROWID > ?)" : "ROWID < ?)"));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1512:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s` WHERE `%s` = ?", tbl.name, fld.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1514:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1532:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s` WHERE `%s` = ?", tbl.name, fld.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1534:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1544:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s` WHERE `%s` = ?", tbl.name, fld.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1546:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1554:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "SELECT ROWID, * FROM `%s` WHERE `%s` = ?", tbl.name, fld.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1555:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1595:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(criterias, "SELECT ROWID, * FROM `%s` WHERE `", tbl.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1601:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(criterias, fieldFind->field.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1607:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, criterias);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1609:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1627:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, criterias);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1629:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1639:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, criterias);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1641:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1649:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, criterias);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1650:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, order);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1841:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "UPDATE `%s` SET `%s` = ? WHERE ROWID = ?;", tbl.name, sqlFld.name);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:105:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
# ifndef access
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:106:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
# define access(f,m) _access((f),(m))
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:108:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
# undef popen
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:109:10: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
# define popen _popen
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:119:17: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
extern FILE *popen(const char*,const char*);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:559:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(out, zFormat, ap);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:564:22: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define utf8_printf fprintf
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:572:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define raw_printf fprintf
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2593:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if( access(zNewDb,0)==0 ){
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3142:17: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sCtx.in = popen(sCtx.zFile+1, "r");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3532:16: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
p->out = popen(zFile + 1, "w");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3798:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
x = system(zCmd);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4823:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if( access(data.zDbFilename, 0)==0 ){
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:27648:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
{ "access", (sqlite3_syscall_ptr)access, 0 },
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:43855:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define sqlite3DebugPrintf printf
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:55597:42: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define TRACE(X) if(sqlite3BtreeTrace){printf X;fflush(stdout);}
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:69219:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(pOut, zFormat1, pc,
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101803:14: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
FUNCTION(printf, -1, 0, 0, printfFunc ),
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:105773:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
char * (*snprintf)(int,char*,const char*,...);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:105885:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
char *(*vsnprintf)(int,char*,const char*,va_list);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:106032:53: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define sqlite3_snprintf sqlite3_api->snprintf
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:106056:53: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define sqlite3_vsnprintf sqlite3_api->vsnprintf
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:106132:53: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define sqlite3_uri_vsnprintf sqlite3_api->vsnprintf
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec:32:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"Can't open database (%s): %s\n", path, sqlite3_errmsg(db));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec:39:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "PRAGMA key = '%s';", ds.pass);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec:44:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"EDASQLiteCipher: database (%s) format not recognized, disabling cipher_use_hmac to support version 1.1.x databases\n", path);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec:56:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"Can't open database (%s): %s -- password may be incorrect\n", path, sqlite3_errstr(rc));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13201:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define CODEC_TRACE(X) {printf X;fflush(stdout);}
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13210:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(DESC); \
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:25540:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
{ "access", (sqlite3_syscall_ptr)access, 0 },
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:39748:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define sqlite3DebugPrintf printf
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:50022:42: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define TRACE(X) if(sqlite3BtreeTrace){printf X;fflush(stdout);}
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:61277:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(pOut, zFormat1, pc,
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:92509:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
char * (*snprintf)(int,char*,const char*,...);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:92725:53: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define sqlite3_snprintf sqlite3_api->snprintf
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:21:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dbPath, path ? path : "");
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:27:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, name);
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:31:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, ext);
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:34:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
AccessOptions access:2;
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:83:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(moduleName, "EDA%s", driverName);
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:514:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(countQuery, from);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:132:16: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"Invalid, corrupted or in use (%s) database file.\n", path);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:223:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, index.fieldIndexes[c].field.name);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:227:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, index.fieldIndexes[c].memberField.name);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:229:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, (index.fieldIndexes[c].order == ascending) ? "+" : "-");
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:319:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(build, apath);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:468:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(apath, name);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:476:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(apath, name);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:491:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(apath, name);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:730:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, index.fieldIndexes[c].field.name);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:734:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, index.fieldIndexes[c].memberField.name);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:736:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(indexName, (index.fieldIndexes[c].order == ascending) ? "+" : "-");
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:813:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(build, tbl.apath);
data/ecere-sdk-0.44.15/eda/libeda/src/ers.ec:651:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, report.title);
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:988:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(queryString, "SELECT ROWID, * FROM `%s`", st.table.name);
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1337:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filePath, "%s.search", table.name);
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1764:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filePath, "%s.search", table.name);
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:216:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, name ? name : "");
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:227:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tempString, "(Invalid %s entry: "
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:238:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(tempString, $"(Click to add a new %s...)", $"item"/*class_data(addText)*/);
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:377:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(stringOutput, s);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:171:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(configName, argv[c]);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:189:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(makePath, argv[c]);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:218:16: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"invalid option: %s\n", arg);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:227:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(epjPath, arg);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:328:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"Error: Project configuration (%s) was not found.\n", configName);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:344:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"Notice: Project configuration (%s) will be used.\n", releaseConfig.name);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:388:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"Error: Unable to open project file (%s) due to unknown error.\n", epjPath);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:392:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf($"Error: Input file (%s) does not exist.\n", epjPath);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:172:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dollarStyleRefId, "$(%s)", varName);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:177:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(percentStyleRefId, "%%%s%%", varName);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:193:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mergedValue, oldValue);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:194:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mergedValue, dollarStyleRef);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:209:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mergedValue, oldValue);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:210:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mergedValue, percentStyleRef);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:237:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*env, "%s=%s", node.key, node.value);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:254:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s=%s", node.key, node.value);
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:24:7: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(string, format, args);
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:32:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, entry);
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:84:7: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(string, format, args);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:121:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, entry.src);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:123:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(referer, entry.referer); //browserWindow.location ? browserWindow.location : "");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:523:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, location ? location : "");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:529:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, block.src);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:760:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(relocation, location);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:769:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(relocation, location);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:784:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(referer, firstReferer);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:809:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(referer, this.location);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:812:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, this.location);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:818:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, relocation);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:822:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(relocation, path);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1015:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(referer, firstReferer);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1424:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newLocation, location ? location : "");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1430:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newLocation, href);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1472:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(location, block.name);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1515:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newLocation, location);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1522:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newLocation, formBlock.action);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1530:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newLocation, block.name);
data/ecere-sdk-0.44.15/extras/include/dpl.c:29:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/extras/include/dpl.c:53:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:76:4: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:119:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/extras/types/CountryCode.ec:275:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fn, ":types/countryCode/%s.png", s);
data/ecere-sdk-0.44.15/extras/types/Currency.ec:59:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString + pos, number + c);
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:61:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/extras/types/ShortDate.ec:19:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(stringOutput, "%s %d, %d", shortMonths[month], day, year);
data/ecere-sdk-0.44.15/extras/types/ShortDate.ec:21:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stringOutput, $"Invalid date");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:249:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(toRest, to);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:250:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathRest, path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:263:46: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if(pathDiff && result != identical) strcpy(pathDiff, *pathRest == '\0' ? toRest : pathRest);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:329:42: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
for(c=0; c<parts.count; c++) strcat(copy, parts[c]);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:345:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, input);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:544:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, settingsFilePath);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:552:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir, path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:574:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, moduleLocation);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:585:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(configFilePath, path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:590:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defaultConfigFilePath, path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:901:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sf.path, path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:902:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sf.tmp, path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1316:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, location);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1515:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, compilerTypeNames[this]);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2309:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, app.argv[0]);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2350:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, app.argv[0]);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2401:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, app.argv[0]);
data/ecere-sdk-0.44.15/ide/src/OldIDESettings.ec:135:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(section, "%s Compiler Config", configName);
data/ecere-sdk-0.44.15/ide/src/OldIDESettings.ec:153:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(section, "%s Directories", configName);
data/ecere-sdk-0.44.15/ide/src/OldIDESettings.ec:245:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(section, "%s Compiler Config", compiler.name);
data/ecere-sdk-0.44.15/ide/src/OldIDESettings.ec:258:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(section, "%s Directories", compiler.name);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:142:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(label, dialogTitle);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:144:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectName, project.topNode.name);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:146:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(label, projectName);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:150:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(label, nodeName);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:156:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(label, config);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:160:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(label, platform);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1039:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, d);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1505:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s%d", baseName, num);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1507:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, baseName);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1522:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s%d", baseName, num);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1527:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, tmp);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:249:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, command);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:829:16: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(title, sizeof(title), $"Provide source file location for %s", (s = CopySystemPath(frame.file)));
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:911:10: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(verboseExitCode, sizeof(verboseExitCode), $" with exit code %s", code);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1248:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourceDir, debuggerFileDialog.filePath);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1275:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, sourceDir);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1354:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(title, sizeof(title), $"Provide source files location directory for %s", relativePath);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1654:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1765:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, ide.workspace.projectDir);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2269:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempPath, ide.workspace.projectDir);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2281:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ide.workspace.projectDir);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2327:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s --vgdb=yes --vgdb-error=0 --log-file=%s --leak-check=%s%s --track-origins=%s %s%s%s",
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2362:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command,
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2425:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(progFifoPath, progFifoDir);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2872:22: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Symbol \"%s\" not found", exp.identifier.string);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2886:28: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Member \"%s\" not found in %s \"%s\"",
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2901:31: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Member \"%s\" not found in class \"%s\"", memberID ? memberID.string : "", _class.name);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2904:31: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Member \"%s\" not found in type \"%s\"", memberID ? memberID.string : "", string);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2909:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Accessing member \"%s\" from unresolved expression", memberID ? memberID.string : "");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2919:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Missing property evaluation for \"%s\" in class \"%s\"", memberID.string, _class.name);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2921:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Missing property evaluation for \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2926:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Missing function evaluation for call to \"%s\"", exp.call.exp.identifier.string);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2928:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Missing function evaluation for \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2932:22: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Memory can't be read at %s", /*(exp.type == constantExp) ? */exp.constant /*: null*/);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2935:22: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Dereferencing error evaluating \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2941:22: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Debugger required for symbol evaluation in \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2945:22: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Error evaluating \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2949:22: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Null type for \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2982:31: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(value, sizeof(value), (__runtimePlatform == win32) ? "0x%016I64x " : "0x%016llx ", address);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2984:31: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(value, sizeof(value), (__runtimePlatform == win32) ? "0x%08I64x " : "0x%08llx ", address);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2988:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(value, $"Null string");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3043:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(value, $"Empty string");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3046:34: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(value, $"Couldn't read memory");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3136:31: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(string, sizeof(string), $"Invalid Unicode Codepoint (0x%08X)", value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3190:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Error evaluating \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3198:16: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(watchmsg, sizeof(watchmsg), $"Invalid expression: \"%s\"", wh.expression);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3444:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastGdbOutput, output);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4119:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prjTargetPath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:5019:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(loc, location);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:556:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s: %s", item.name, item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:578:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%d %s", atoi(item.value), frame.string);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:587:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s (%s)", frame.string, item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:611:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s %s", arg.string, item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:620:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s = %s", arg.string, item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:255:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp + 1, idString);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:258:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, idString);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:2472:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(className, "__ecereClass_%s", classSym.string);
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:281:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, listing.path);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:718:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, $"Ln %d, Col %d", line, editBox.column + 1);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:755:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, $"Ln %d, Col %d", line, editBox.column + 1);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2270:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(message, $"The document %s was modified by another application.\n"
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2343:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(lineText, lineFormat, currentLineNumber);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2528:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, $"Untitled %d", documentID);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2910:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symLocation, GetSymbolsDir());
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5288:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(methodName, method.name);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5337:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, $"Attach %s", function.declarator.symbol.string);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5378:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, $"Attach %s", function.declarator.symbol.string);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5421:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(methodName, "%s_%s", selected.name, method.name);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5425:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(methodName, nameBox.contents);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5438:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, this.selected.instance._class.name);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5440:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, this.methodName);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5441:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.methodName, name);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5445:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, method.dataType.thisClass.string);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5447:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, this.methodName);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5448:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.methodName, name);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5476:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%c%s%d", tolower(instance._class.name[0]), instance._class.name+1, id);
data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec:53:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(text, object.instance._class.name);
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:322:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selectedMethod, ((CodeObject)row.GetData(methodName)).name);
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:744:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.selectedProp, propName);
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:757:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selectedProp, this.selectedProp);
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:759:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.selectedProp, selectedProp);
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:1270:22: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, $"Delete %s", codeObject.name);
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:1282:22: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, $"Delete %s", codeObject.name);
data/ecere-sdk-0.44.15/ide/src/designer/ToolBox.ec:124:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, _class.name);
data/ecere-sdk-0.44.15/ide/src/designer/ToolBox.ec:168:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, control.text); //id;
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:83:34: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(refId, "%%%s%%", var);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:143:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(label, $"%s Project", project.name);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:519:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(searchThread.dir, findWhere.path);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:539:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(searchThread.nameCriteria, fileName.contents);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:540:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(searchThread.contentCriteria, findContent.contents);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:542:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(searchThread.contentReplace, replaceWith.contents);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:672:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(substring, $" with file name matching \"%s\"", nameCriteria);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:676:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(containing, $" containing \"%s\"", contentCriteria);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:716:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stack[0].path, dir);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:804:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stack[frame].path, stack[lastFrame].fileList.path);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:873:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(special, "(%s)%s", prj.name, fileRelative);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:874:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileRelative, special);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:927:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(special, "(%s)%s", prj.name, fileRelative);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:928:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileRelative, special);
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:428:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, baseName);
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:443:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s%d", baseName, num);
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:448:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, tmp);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:48:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectLocation, locationEditBox.slashPath);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:49:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, projectLocation);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:147:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(workspaceFile, prj.filePath);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:183:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(varName, className);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:273:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.name, name);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:298:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, ideSettings.ideProjectFileDialogLocation);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:312:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, location);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:321:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, ideSettings.ideProjectFileDialogLocation);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:324:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, location);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:400:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, tempDir);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:458:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(workspaceFile, filePath);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:496:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newFileName, tempDir);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:537:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(varName, className);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:613:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(output, input);
data/ecere-sdk-0.44.15/ide/src/dialogs/NodeProperties.ec:69:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, (node.parent.type == project) ? "" : node.parent.path);
data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec:23:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, ide.workspace.projectDir);
data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec:73:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, ide.workspace.projectDir);
data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec:98:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, debugDirectory.slashPath);
data/ecere-sdk-0.44.15/ide/src/documents/ModelView.ec:52:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
set { strcpy(fileName, value); }
data/ecere-sdk-0.44.15/ide/src/documents/PictureEdit.ec:138:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, value);
data/ecere-sdk-0.44.15/ide/src/ide.ec:1865:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:1964:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, $"The document %s was modified by another application.\n"
data/ecere-sdk-0.44.15/ide/src/ide.ec:2323:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, directory);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2390:81: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
const char * filePath = strstr(origFilePath, "http://") == origFilePath ? strcpy(winFilePath, origFilePath) : GetSystemPathBuffer(winFilePath, origFilePath);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2399:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(extension, type);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2439:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(workspaceFile, filePath);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2798:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selectedPath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2800:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selectedPath, dir);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2812:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(selectedPath, p.topNode.path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2942:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3169:19: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(name, $"Compile %s", isCObject ? nodeName : node.name);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3296:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, app.argv[c]);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3468:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newList, path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3469:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newList, pathListSep);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3519:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newList, path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3520:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newList, pathListSep);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3893:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, home);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3898:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, homeDrive);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3905:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, userProfile);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3910:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(location, systemDrive);
data/ecere-sdk-0.44.15/ide/src/panels/CallStackView.ec:109:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ide/src/panels/OutputView.ec:331:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ide/src/panels/OutputView.ec:399:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ide/src/panels/ThreadsView.ec:133:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(string, sizeof(string), format, args);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:158:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(printPath, path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:163:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(printPath, name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:221:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(insidePath, name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:638:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, item + 3);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:640:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, item);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:898:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, $"The project %s was modified by another application.\n"
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1235:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, targetFileName);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1240:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, targetFileName);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1251:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, compiler.executableFileExt);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1260:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, compiler.sharedLibFileExt);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1271:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, moduleVersion);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1278:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, compiler.staticLibFileExt);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1290:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfDir, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1298:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, cfDir);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1310:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, cfDir);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1320:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfDir, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1334:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, cfDir);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1345:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, cfDir);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1354:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectName, name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1355:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s%s%s.Makefile", projectName, config ? "-" : "", config ? config.name : "");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1388:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absolutePath, node.project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1779:37: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, mName);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1819:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1910:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullModuleName, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1931:46: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullModuleName, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1949:49: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullModuleName, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1969:37: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullModuleName, moduleName);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1973:37: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullModuleName, loc + 1);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2121:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(configName, config ? config.name : "Common");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2126:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(makeFilePath, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2149:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s CF_DIR=\"%s\"%s%s%s%s%s COMPILER=%s objdir -C \"%s\"%s%s -f \"%s\"",
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2186:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s /useenv /nologo /logcommands %s.sln %s|Win32", compiler.makeCommand, name, config.name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2207:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s%s %sCF_DIR=\"%s\"%s%s%s%s%s%s COMPILER=%s%s %s%s%s-j%d %s%s%s -C \"%s\"%s%s -f \"%s\"",
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2254:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, line+5);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2259:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command, line);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2307:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(makeFilePath, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2319:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s /useenv /clean /nologo /logcommands %s.sln %s|Win32", compiler.makeCommand, name, config.name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2335:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s CF_DIR=\"%s\"%s%s%s%s COMPILER=%s %sclean%s -C \"%s\"%s%s -f \"%s\"",
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2374:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2378:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(target, "%s %s", target, args);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2384:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2395:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(prefixedTarget, executableLauncher);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2397:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(prefixedTarget, target);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2424:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, GetTargetFileName(config));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2737:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2787:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(targetDir, GetTargetDirExpression(config));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2790:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(objDirExpNoSpaces, GetObjDirExpression(config));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2795:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(objDirExpNoSpaces, temp);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2878:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfDir, compilerConfigsDir);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2923:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, targetDir);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2932:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, targetDir);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3727:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "gcc -MT $(OBJ)%s$(O) -MM $(OBJ)%s.c", fixedModuleName, fixedModuleName);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3736:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3740:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3749:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item.name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3753:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item.name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3758:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item.name);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4078:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4080:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4082:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4084:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4257:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, parentPath);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4294:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4329:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4332:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4336:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4352:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4779:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s%s --version", compiler.gccPrefix ? compiler.gccPrefix : "", compilerCommand);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:71:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, configName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:80:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, moduleName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:89:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, targetPlatformName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:98:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, compilerName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:118:34: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, compilerName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:145:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, ev.string);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:34:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ofRest, of);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:35:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathRest, path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:193:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stripExt, fileName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:262:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(insidePath, (parent.type == project) ? "" : parent.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:269:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(insidePath, path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:299:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(insidePath, (parent.type == project) ? "" : parent.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:304:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(insidePath, path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:525:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, root.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:575:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, name);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:592:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, objFileExt);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:608:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, root.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:790:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, (parent.type == folder || parent.type == resources) ? parentPath : "");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:812:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(parentPath, path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:827:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tempString, property::fileName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:927:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(exp, var);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:929:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(exp, comma);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:949:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(exp, var);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1096:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, child.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1310:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, (type == NodeTypes::project) ? "" : path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1351:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(label, addendum);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1358:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(label, addendum);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1372:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(more, " (%s)", info);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1373:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(label, more);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1539:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempPath, path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1543:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s%s", ts.a, useRes ? "$(RES)" : "", modulePath, ts.b);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1555:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s%s%s", ts.a, modulePath, path[0] ? SEPS : "", moduleName, ts.b);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1566:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s%s%s", ts.a, modulePath, path[0] ? SEPS : "", moduleName, ts.b);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1578:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s%s%s", ts.a, modulePath, path[0] ? SEPS : "", moduleName, ts.b);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1596:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s$(OBJ)%s%s%s$(O)%s", ts.a, moduleName, collision ? "." : "", collision ? extension : "", ts.b);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1643:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(modulePath[0]) strcat(modulePath, SEPS);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1648:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "gcc -MT $(OBJ)%s.o -MM %s%s.%s", moduleName,
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1658:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1662:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1671:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1675:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1680:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1776:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(modulePath[0]) strcat(modulePath, SEPS);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1838:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(modulePath[0]) strcat(modulePath, SEPS);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1843:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "gcc -MT $(OBJ)%s.o -MM %s%s.%s",
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1853:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1857:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1866:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1870:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1875:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, item);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1990:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if(modulePath[0]) strcat(modulePath, SEPS);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2174:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempPath, child.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2188:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2189:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, parent.name);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2193:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, temp);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2446:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, name);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2461:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(extension, h2s);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2486:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(moduleName, extension);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2489:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(moduleName, objectFileExt);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2549:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2569:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fileName, objectFileExt);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:568:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msg, $"You have modified projects.\nSave changes to ");
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:574:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, p.name);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:760:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(makefilePath, project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:876:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1295:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fileName, $"Untitled %d", documentID);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1603:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(folder, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1620:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(args, ide.workspace.commandLineArgs);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1661:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s /useenv %s.sln /projectconfig \"%s|Win32\" /command \"%s\"" , "devenv", project.name, config.name, "Debug.Start");
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1756:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(moduleName, line);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1767:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1789:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1819:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, node.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1850:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1879:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1903:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1918:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1935:34: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2199:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(string, c ? "New Folder (%d)" : "New Folder", c);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2304:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(message, part1);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2305:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(message, nameConflictFiles.count > 1 ? opt2 : opt1);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2306:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(message, part2);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2309:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(message, s);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2372:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s%d.ec", lower, c);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2391:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2403:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, projectNode.name);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2404:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s%d", upper, c);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2406:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(className, name);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2507:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(message, $"Are you sure you want to remove the folder \"%s\"\n"
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2531:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(message, $"Are you sure you want to remove the \"%s\" project\n" "from this workspace?", node.name);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:18:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, valgrindLeakCheckNames[this]);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:380:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absolute, p.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:391:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absolute, workspaceDir); //projectDir // CHECK?
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:399:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absolute, dir);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:523:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullPath, prj.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:584:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absolutePath, workspaceDir);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:614:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absolutePath, workspaceDir);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1030:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absolutePath, workspace.workspaceDir);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1099:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, workspace.workspaceDir);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1114:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectFilePath, workspace.workspaceFile);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1153:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(files, item);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1156:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, $"File%s not found", s);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1157:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msg, $"The following file%s could not be re-opened.%s", s, files);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1409:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(projectFilePath, workspace.workspaceDir);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1434:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1436:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1438:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1440:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1442:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1444:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1446:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1448:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1451:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(section, buffer);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1455:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(subSection, buffer); // | Do they serve a purpose? They were there for copy paste when adding a new subsection
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:67:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:69:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(slnFileName, "%s.sln", projectName);
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:118:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filePath, project.topNode.path);
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:119:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(slnFileName, "%s.%s", projectName, compiler.type.projectFileExtension);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 2 - Variables and Data Types/Lab2.4/lab2.ec:13:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/installer/coursework/Chapter 2 - Variables and Data Types/Lab2.5/variables.ec:18:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/installer/coursework/Chapter 3 - Operators/Lab3/lab3.ec:162:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/installer/coursework/Chapter 4 - Flow Control/Lab4/lab4.ec:86:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/colors/lab5colors.ec:77:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:97:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec:592:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/installer/src/installer.ec:59:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, name);
data/ecere-sdk-0.44.15/installer/src/installer.ec:99:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, outputFile);
data/ecere-sdk-0.44.15/installer/src/installer.ec:109:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rest, afterSlash);
data/ecere-sdk-0.44.15/installer/src/installer.ec:126:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, DIR_SEPS);
data/ecere-sdk-0.44.15/installer/src/installer.ec:206:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, (this && (is32bit || (arch == bits32 && osIS64bit))) ? installDir32 : installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:219:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path64, parentPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:222:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path32, parentPath32);
data/ecere-sdk-0.44.15/installer/src/installer.ec:233:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(source, dataPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:511:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullPath, path);
data/ecere-sdk-0.44.15/installer/src/installer.ec:520:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(relative, fullPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:523:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(component->installPath, relative);
data/ecere-sdk-0.44.15/installer/src/installer.ec:644:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defPath, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:650:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defSamplesPath, appData);
data/ecere-sdk-0.44.15/installer/src/installer.ec:654:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(components[ComponentID::samples].installPath, components[ComponentID::samples].defInstallPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:659:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defPath, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:665:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defExtrasPath, appData);
data/ecere-sdk-0.44.15/installer/src/installer.ec:669:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(additional[AdditionalID::extras].installPath, additional[AdditionalID::extras].defInstallPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:735:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir, destBox.path);
data/ecere-sdk-0.44.15/installer/src/installer.ec:831:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, parentPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:875:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, parentPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:884:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(component.installPath, component.defInstallPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1027:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir32, programFilesDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1030:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir, programFilesDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1035:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir, programFilesDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1037:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir32, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1042:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir, homeDrive);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1044:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir32, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1049:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir, winDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1051:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir32, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1057:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir32, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1065:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defSamplesPath, appData);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1069:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(defExtrasPath, appData);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1301:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(start, path);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1305:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(userPath, path);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1317:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oldPath, userPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1323:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oldPath, systemPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1377:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(keyName, "%s\\shell", extension);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1382:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(keyName, "%s\\shell\\%s", name, action);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1386:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(keyName, "%s\\shell\\%s\\command", name, action);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1389:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(keyName, path);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1408:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(installDir32, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1565:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(uninstaller, installDir);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1653:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destPath, userProfile);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1667:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(startMenuPath, userProfile);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1673:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destPath, startMenuPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1677:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destPath, startMenuPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1685:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destPath, startMenuPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1702:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destPath, startMenuPath);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1726:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(desktopPath, userProfile);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1769:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destPath, appData);
data/ecere-sdk-0.44.15/samples/db/MedDB/med.ec:57:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s: %s %s", formName ? formName : "", amountString, unitName ? unitName : "");
data/ecere-sdk-0.44.15/samples/db/MovieCollection/reports.ec:12:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(stringOutput, "%s %d, %d", months[month], day, year);
data/ecere-sdk-0.44.15/samples/eC/fibonacci/fibo.ec:29:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(number, FORMAT64U, num1);
data/ecere-sdk-0.44.15/samples/eC/neural/neural.ec:213:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:374:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "Password to level %d is: %s",level+1,passwords[level+1]);
data/ecere-sdk-0.44.15/samples/games/cards/poker/poker.ec:111:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s (%d)", playerNames[c], c + 1);
data/ecere-sdk-0.44.15/samples/games/cards/poker/poker.ec:211:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "Your bet, %s?", playerNames[p]);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:287:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(playerName->name, name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:301:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(game->players[who].name, name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:315:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(playerInfo->name, name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:593:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "Your bet, %s?", player.name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:628:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "Chose your trump, %s?", player.name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/server.ec:347:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(player.name, name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/setup.ec:25:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(player->name, setup.playerName.contents);
data/ecere-sdk-0.44.15/samples/games/chess/src/chess2D.ec:58:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileName, ":%s.png", names[c]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/CornerBlocksServer.ec:68:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gameInfo.players[0], serverPlayers[0] ? serverPlayers[0].name : "");
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/CornerBlocksServer.ec:69:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gameInfo.players[1], serverPlayers[1] ? serverPlayers[1].name : "");
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/CornerBlocksServer.ec:70:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gameInfo.players[2], serverPlayers[2] ? serverPlayers[2].name : "");
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/CornerBlocksServer.ec:71:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gameInfo.players[3], serverPlayers[3] ? serverPlayers[3].name : "");
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1211:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(string, cornerBlocks.playerNames[ties[c]]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1223:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s won!", cornerBlocks.playerNames[winner]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1408:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(panel.playerNames[np++], gameInfo.players[c]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1646:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Kick %s?", serverPlayers[id].name);
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:207:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list.players[0], crossWordsGame.players[0] ? crossWordsGame.players[0].name : "");
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:208:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list.players[1], crossWordsGame.players[1] ? crossWordsGame.players[1].name : "");
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:209:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list.players[2], crossWordsGame.players[2] ? crossWordsGame.players[2].name : "");
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:210:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list.players[3], crossWordsGame.players[3] ? crossWordsGame.players[3].name : "");
data/ecere-sdk-0.44.15/samples/games/crosswords/crossWords.ec:851:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(crossWords.playerNames[c], list.players[c]);
data/ecere-sdk-0.44.15/samples/guiAndGfx/eNotepad/eNotepad.ec:131:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(paramLocation, argv[1]); // how to check if the path is valid?
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:401:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(vn, version_name);
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:438:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, message_format, vnp);
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:25:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Remind Me Delay: %s", s);
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:62:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "You will be reminded in %s", s);
data/ecere-sdk-0.44.15/samples/guiAndGfx/slideShow/eShow.ec:90:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName.name, listing.path);
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:146:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, saveFileDialog.currentDirectory);
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:174:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(caption, htmlView.title);
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:202:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newLocation, location ? location : "");
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:208:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newLocation, href);
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:107:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendFileName, outputFile);
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:373:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(connection.recvFileName, fileName);
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:448:22: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(title, service ? "%s [<-%s]" : "%s [->%s]", connection.displayedName, address);
data/ecere-sdk-0.44.15/samples/net/eirc/console.ec:198:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, lineBuffer);
data/ecere-sdk-0.44.15/samples/net/eirc/console.ec:240:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(currentCommand, lineBuffer);
data/ecere-sdk-0.44.15/samples/net/eirc/console.ec:263:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(currentCommand, lineBuffer);
data/ecere-sdk-0.44.15/samples/net/eirc/console.ec:309:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(text, format, args);
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:65:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "PRIVMSG %s :", tokens[1]);
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:69:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, tokens[c]);
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:83:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, tokens[c]);
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:99:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, tokens[1]);
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:109:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendbuf, tokens[0]);
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:113:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, tokens[c]);
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:102:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, CONTENT_PATH);
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:132:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(reply, addedPath);
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:142:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(indexFile, path);
data/ecere-sdk-0.44.15/samples/net/smtp/smtp.ec:75:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("pause");
data/ecere-sdk-0.44.15/samples/threads/threadsAndListBoxes/blank.ec:21:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this.string,string);
data/ecere-sdk-0.44.15/samples/threads/threadsAndListBoxes/blank.ec:137:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "Error: The value \"%s\" is already in the list!", string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:790:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
extern char * getenv(const char * name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6060:102: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("getenv", "char * getenv(const char * name)", getenv, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:244:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
extern char * getenv(const char * name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:710:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * hostType = getenv("HOSTTYPE");
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1765:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
String hostType = getenv("HOSTTYPE");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:393:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if((env = getenv("_")))
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6553:75: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
eSystem_RegisterFunction("getenv", "char * getenv(const char * name)", getenv, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D8DisplayDriver.ec:247:29: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
d3dSystem.d3dDll = LoadLibrary("d3d8.dll");
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D9DisplayDriver.ec:254:29: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
d3dSystem.d3dDll = LoadLibrary("d3d9.dll");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:104:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char * ecereFonts = getenv("ECERE_FONTS");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:335:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if(getenv("ECERE_FONTS"))
data/ecere-sdk-0.44.15/ecere/src/gui/GuiApplication.ec:641:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * display = getenv("DISPLAY");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:201:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * home = getenv("HOME");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:213:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * profile = getenv("USERPROFILE");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:223:38: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char * homedrive = getenv("HOMEDRIVE");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:224:37: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char * homepath = getenv("HOMEPATH");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:244:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * allUsers = getenv("ALLUSERSPROFILE");
data/ecere-sdk-0.44.15/ecere/src/sys/Mutex.ec:69:7: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&mutex);
data/ecere-sdk-0.44.15/ecere/src/sys/Mutex.ec:124:10: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&mutex);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:272:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * result = getenv(envName);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:858:4: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(seed);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:860:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:869:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define rand_fn random
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:257:28: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HINSTANCE hinstLib = LoadLibrary(TEXT("Kernel32.dll"));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4482:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home_dir = getenv("USERPROFILE");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4487:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home_dir = getenv("HOME");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4494:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
zDrive = getenv("HOMEDRIVE");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4495:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
zPath = getenv("HOMEPATH");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:21614:7: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&winMutex_staticMutexes[i].mutex);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:21708:9: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&p->mutex);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:21774:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&p->mutex);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30119:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
lk = random();
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:32696:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[0] ) azDirs[0] = getenv("SQLITE_TMPDIR");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:32697:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[1] ) azDirs[1] = getenv("TMPDIR");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33120:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *envforce = getenv("SQLITE_FORCE_PROXY_LOCKING");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:39494:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[0] ) azDirs[0] = getenv("SQLITE_TMPDIR");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:39495:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[1] ) azDirs[1] = getenv("TMPDIR");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:39496:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[2] ) azDirs[2] = getenv("TMP");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:39497:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[3] ) azDirs[3] = getenv("TEMP");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:39498:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[4] ) azDirs[4] = getenv("USERPROFILE");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101821:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VFUNCTION(random, 0, 0, 0, randomFunc ),
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:20664:7: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&winMutex_staticMutexes[i].mutex);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:20748:9: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&p->mutex);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:20797:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&p->mutex);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:27933:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
lk = random();
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30116:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( !azDirs[1] ) azDirs[1] = getenv("TMPDIR");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30530:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *envforce = getenv("SQLITE_FORCE_PROXY_LOCKING");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:89016:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
FUNCTION(random, 0, 0, 0, randomFunc ),
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:19:39: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
public enum AccessOptions { integral, random };
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:274:43: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char * compiler = getenv("COMPILER");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2223:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const String language = getenv("ECERE_LANGUAGE");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2224:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if(!language) language = getenv("LANGUAGE");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2225:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if(!language) language = getenv("LC_ALL");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2226:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if(!language) language = getenv("LC_MESSAGES");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2227:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if(!language) language = getenv("LANG");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2297:41: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envBackup[e.name] = CopyString(getenv(e.name));
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:201:27: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HINSTANCE hDll = LoadLibrary("kernel32");
data/ecere-sdk-0.44.15/ide/src/ide.ec:3886:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * home = getenv("HOME");
data/ecere-sdk-0.44.15/ide/src/ide.ec:3887:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * homeDrive = getenv("HOMEDRIVE");
data/ecere-sdk-0.44.15/ide/src/ide.ec:3888:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * homePath = getenv("HOMEPATH");
data/ecere-sdk-0.44.15/ide/src/ide.ec:3889:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * userProfile = getenv("USERPROFILE");
data/ecere-sdk-0.44.15/ide/src/ide.ec:3890:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * systemDrive = getenv("SystemDrive");
data/ecere-sdk-0.44.15/samples/guiAndGfx/treeView/explorer.ec:32:71: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const String rootDir = (GetRuntimePlatform() == win32) ? "c:" : getenv("HOME");
data/ecere-sdk-0.44.15/audio/mixer.ec:219:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stream, buffer, lenToFill);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:642:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __ecere_padding[40];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:879:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultOutputFile[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1056:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[3075];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1129:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char impFile[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1131:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1132:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mainModuleName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1161:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char junk[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1197:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symFile[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1198:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symLocation[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/AVLTree.c:99:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/AVLTree.c:423:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)(((unsigned char *)&node->key) + __ENDIAN_PAD(sizeof(void *))), (void *)(uintptr_t)value, ((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[5].__anon1.__anon1.dataTypeClass->structSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/AVLTree.c:458:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)(((unsigned char *)&node->key) + __ENDIAN_PAD(sizeof(void *))), (void *)(uintptr_t)value, ((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[5].__anon1.__anon1.dataTypeClass->structSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:116:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:176:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(piv, (char *)base + L * w, w);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:183:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)base + L * w, (char *)base + R * w, w);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:190:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)base + R * w, (char *)base + L * w, w);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:194:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)base + L * w, piv, w);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:643:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(item, (((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->type == 1) ? (char *)(uintptr_t)(value) : ((char *)&value + __ENDIAN_PAD(((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize)), ((struct __ecereNameSpace__ecere__com__Instance * )(char * )this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:676:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy((uint64 *)pos, (((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->type == 1) ? (char *)(uintptr_t)(value) : ((char *)&value + __ENDIAN_PAD(((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize)), ((struct __ecereNameSpace__ecere__com__Instance * )(char * )this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:686:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy((char *)__ecerePointer___ecereNameSpace__ecere__com__Array->array + (__ecerePointer___ecereNameSpace__ecere__com__Array->count * ((struct __ecereNameSpace__ecere__com__Instance * )(char * )this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize), (((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->type == 1) ? (char *)(uintptr_t)(value) : ((char *)&value + __ENDIAN_PAD(((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize)), ((struct __ecereNameSpace__ecere__com__Instance * )(char * )this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:801:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__com__Array->array, ((struct __ecereNameSpace__ecere__com__Array *)(((char *)((struct __ecereNameSpace__ecere__com__Instance *)source) + 0 + sizeof(struct __ecereNameSpace__ecere__com__Instance))))->array, __ecerePointer___ecereNameSpace__ecere__com__Array->count * ((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Array.c:839:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy((char *)__ecerePointer___ecereNameSpace__ecere__com__Array->array + ((c) * ((struct __ecereNameSpace__ecere__com__Instance * )(char * )this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize), (((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->type == 1) ? (char *)(uintptr_t)(data) : ((char *)&data + __ENDIAN_PAD(((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[2].__anon1.__anon1.dataTypeClass->typeSize)), ((struct __ecereNameSpace__ecere__com__Instance * )(char * )this)->_class->templateArgs[0].__anon1.__anon1.dataTypeClass->typeSize));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:775:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodeString[10] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:779:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nodeString, "%d", (int)this->key);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:107:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:494:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + totalBytesRead, fileBuffer, bytesRead);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:605:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->buffer, __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->buffer + missing, __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->bufferPos - missing);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:615:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->buffer + __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->bufferPos, buffer, bytesToBuffer);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:624:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->buffer, buffer + numBytes - bytesToBuffer, bytesToBuffer);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BuiltInContainer.c:476:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itemString[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BuiltInContainer.c:489:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Container.c:1004:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itemString[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Container.c:1045:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/DualPipe.c:255:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commandLine[1025];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/DualPipe.c:269:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commandLine[1025];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:80:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:222:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern int atoi(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:997:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[1025];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1281:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1312:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1396:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1399:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1405:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1414:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1423:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1456:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1494:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[65536];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/List.c:105:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/List.c:430:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&link->data, (void *)(uintptr_t)value, ((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[6].__anon1.__anon1.dataTypeClass->structSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/List.c:472:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&link->data, (void *)(uintptr_t)value, sType);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Map.c:123:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Map.c:635:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&node->value, (void *)(uintptr_t)value, ((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[6].__anon1.__anon1.dataTypeClass->structSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/Map.c:755:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((unsigned char *)&node->key + __ENDIAN_PAD(Tclass->typeSize), (unsigned char *)((char *)&pos + __ENDIAN_PAD(((struct __ecereNameSpace__ecere__com__Instance *)(char *)this)->_class->templateArgs[5].__anon1.__anon1.dataTypeClass->typeSize)) + __ENDIAN_PAD(Tclass->typeSize), Tclass->typeSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/OldList.c:98:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/OldList.c:119:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((unsigned char *)this + sizeof(struct __ecereNameSpace__ecere__sys__Item), (unsigned char *)src + sizeof(struct __ecereNameSpace__ecere__sys__Item), size - sizeof(struct __ecereNameSpace__ecere__sys__Item *));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:215:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:235:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern int atoi(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:456:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, string, len + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:467:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[8];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:469:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "%%.0%df", prec);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:473:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " GB");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:478:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " MB");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:483:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " KB");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:487:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d B", size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:494:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[8];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:496:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "%%.0%df", prec);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:500:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " TB");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:505:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " GB");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:510:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " MB");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:515:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " KB");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:519:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%.0f B", size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:725:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:728:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:733:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:793:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ofPart[274], ofRest[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:794:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathPart[274], pathRest[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:819:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[797] = "", archiveName[797] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:847:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fileName, addedPath, len);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:907:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[4384];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:953:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "..");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:987:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fileName, "..");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1027:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[797] = "", archiveName[797] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1055:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fileName, addedPath, len);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1117:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[4384];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1165:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "..");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1199:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fileName, "..");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1246:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathPart[4384], pathRest[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1247:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toPart[4384], toRest[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1261:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(destination, "..");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1602:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__sys__ZString->_string, value, newLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1687:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__sys__ZString->_string + __ecerePointer___ecereNameSpace__ecere__sys__ZString->len, ((struct __ecereNameSpace__ecere__sys__ZString *)(((char *)s + __ecereClass___ecereNameSpace__ecere__sys__ZString->offset)))->_string, addedLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:80:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:148:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logFile[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:493:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1025];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:109:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:399:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, __ecerePointer___ecereNameSpace__ecere__sys__TempFile->buffer + __ecerePointer___ecereNameSpace__ecere__sys__TempFile->position, read);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:421:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__sys__TempFile->buffer + __ecerePointer___ecereNameSpace__ecere__sys__TempFile->position, buffer, writeSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:99:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:187:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:229:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:343:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", *data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:362:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", (int)*data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:415:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%u", *data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:438:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%u", (unsigned int)*data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:444:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%x", *data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:493:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%u", (int)*data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:504:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "'\\t'");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:506:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "'\\n'");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:508:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "'\\r'");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:510:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "'\\a'");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:512:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "'\\\\'");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:514:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "'\\x%x'", ch);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:516:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "'%c'", ch);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:519:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%c", *data);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:682:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:684:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:689:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:691:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:700:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[10];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:706:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "%%.%df", numDigits);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:800:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:802:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:807:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:809:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:817:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%.15g", f);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:819:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%.13lf", f);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:861:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, newData, len + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:879:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, newData, len + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1418:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, newData, _class->typeSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1427:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, newData, _class->typeSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1540:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, result, len);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1561:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + len, result, newLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1631:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[4];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1652:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[4];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1673:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[4];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1692:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[8];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1717:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[8];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1742:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[8];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1761:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[2];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1780:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[2];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1799:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[4];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1820:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[4];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1839:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[8];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1864:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[8];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1985:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ecerePointer___ecereNameSpace__ecere__com__SerialBuffer->_buffer + __ecerePointer___ecereNameSpace__ecere__com__SerialBuffer->count, bytes, numBytes);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2001:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bytes, __ecerePointer___ecereNameSpace__ecere__com__SerialBuffer->_buffer + __ecerePointer___ecereNameSpace__ecere__com__SerialBuffer->pos, read);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2294:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2302:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, buffer, len + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2309:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2317:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, buffer, len);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2327:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2338:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2499:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2578:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char internalMemberString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2596:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "{ ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2599:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, " }");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2640:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char internalMemberString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2645:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, " { ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2648:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, " }");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2671:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2675:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2688:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, "\\\"");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2693:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, "\\\\");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2803:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2804:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2928:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(int) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:453:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:454:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lcAll[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:455:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char language[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:456:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:457:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lcMessages[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:459:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char genericLocale[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:487:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(locale, "zh_CN");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/i18n.c:498:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(genericLocale, "zh_CN");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:80:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:264:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * __ecereNameSpace__ecere__com__platformNames[4] =
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:343:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned int ch = ((unsigned char *)source)[c];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:517:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b = ((unsigned char *)string)[0];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:550:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ch |= (b = ((unsigned char *)string)[i]) & mask;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:694:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:786:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern int atoi(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:935:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:943:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, a + c, s);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:944:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a + c, b + c, s);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:945:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b + c, buffer, s);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:1532:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newPointer, pointer, (__simpleStruct0 = block->size, (size < __simpleStruct0) ? size : __simpleStruct0));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:1592:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newPointer, pointer, (__simpleStruct0 = block->size, (size < __simpleStruct0) ? size : __simpleStruct0));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:1957:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:3483:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((struct __ecereNameSpace__ecere__com__Instance *)(char *)instance)->_vTbl, ((struct __ecereNameSpace__ecere__com__Instance *)(char *)instance)->_class->_vTbl, sizeof(int (*)()) * ((struct __ecereNameSpace__ecere__com__Instance *)(char *)instance)->_class->vTblSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:4443:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:4444:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[17];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:4986:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateClassName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5011:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_class->data, base->data, offsetClass);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5282:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5285:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(className, param->defaultArg.__anon1.__anon2.memberString, colon - param->defaultArg.__anon1.__anon2.memberString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5361:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(templatedClass->templateArgs, templatedClass->base->templateArgs, sizeof(struct __ecereNameSpace__ecere__com__ClassTemplateArgument) * (numParams - templatedClass->templateParams.count));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5415:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ident[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5498:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5505:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, equal, paramEnd - equal);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5510:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, paramStart, paramEnd - paramStart);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5672:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5703:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5727:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5731:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5887:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5890:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(className, memberString, colon - memberString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6057:89: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("atoi", "int atoi(const char*)", atoi, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6081:120: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("memcpy", "void * memcpy(void *, const void *, uintsize size)", memcpy, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6182:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((unsigned char *)_class->data, (unsigned char *)base->data, totalSizeClass - _class->sizeClass);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6199:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_class->_vTbl + baseClass->vTblSize, mod->_vTbl + baseClass->vTblSize, (mod->base->vTblSize - baseClass->vTblSize) * sizeof(void *));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6360:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char noTemplateName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6377:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/memory.c:119:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/memory.c:132:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, source, count);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/memory.c:137:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, source, count << 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/memory.c:142:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, source, count << 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:1693:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[8192];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:1907:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[8192];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2078:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataTypeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2120:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2166:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2329:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2524:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2536:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2636:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2662:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2690:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2742:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultSymFile[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2903:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[3075];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2994:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char junk[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:71:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mainModuleName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:73:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char projectName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:967:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1244:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1245:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1256:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1279:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1280:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1291:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1401:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1403:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1419:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1420:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1431:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1450:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1451:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1462:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1583:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1584:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1595:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1618:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1619:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1630:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1741:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1742:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1753:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1773:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1774:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1785:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1985:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2015:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2039:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char functionName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2050:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2086:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2361:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2411:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classID[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2412:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2418:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classID, "_class");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2441:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2466:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char functionName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2541:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2651:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2688:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2893:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[17];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2894:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbolModule[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2921:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[16384];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2923:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[512];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2950:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[17];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2974:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[16384];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2976:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[512];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3003:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[17];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3004:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3010:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(moduleName, ".ec");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3015:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3046:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[65536];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3191:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char potFileName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3193:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(potFileName, "locale");
data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdio.h:24:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fopen(const char *path, const char *mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:163:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:1197:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:1205:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:1212:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:1219:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, className, stringLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2685:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcFileFixed[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2686:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char potFile[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2774:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pair.string, string + 1, len - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2780:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pair.context, context + 1, len - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2831:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgid + 1, context + 1, lenContext - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2833:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgid + 1 + lenContext - 2 + 1, string + 1, lenString - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2834:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgid + 1 + lenContext - 2 + 1 + lenString - 2, "\"", 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2877:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2890:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fullName, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2897:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fullName + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2903:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fullName + len, name, stringLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2973:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2976:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, string, c + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3046:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3053:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3060:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3087:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3091:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3128:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameBuffer[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3133:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(nameBuffer, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3274:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3361:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3363:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "DCOMClient_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3374:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3382:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nameSpace, name, c - name - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3548:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3553:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3560:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3566:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, inst->exp->__anon1.__anon1.identifier->string, stringLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3704:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3709:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3716:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3722:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, id->string, stringLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3744:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3746:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", (*d->initializer->__anon1.list).count);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3752:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3770:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", count);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3845:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3851:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3856:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3863:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3869:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, id->string, stringLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4002:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4007:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4014:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4020:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, id->string, stringLen);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4355:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idString[32];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4356:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4358:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idString, "%d", id);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4359:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4971:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:138:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1483:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1484:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1487:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, exp->__anon1.db.table + 1, len - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1498:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1499:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1502:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, exp->__anon1.db.table + 1, len - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1513:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1514:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1517:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, exp->__anon1.db.table + 1, len - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1534:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numIndexesString[16];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1570:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(numIndexesString, "%d", numIndexes);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1610:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1611:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rowClassName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1614:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableID[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1615:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameField[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1622:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, table->name + 1, len - 2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1677:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldID[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1691:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1826:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldID[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1889:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indexID[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1893:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[16];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1918:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldID[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1920:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num, "%d", c);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1925:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num, "%d", c);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:80:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:495:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[10000];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:496:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:594:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:595:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1[1024], type2[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:711:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:1850:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[10000];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c:173:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1254:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataTypeString[8192];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1301:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[8192];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1355:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[8192];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1479:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseName[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1663:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/firstPass.c:1681:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:181:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:324:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9905:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9907:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "__asm__(");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:12181:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(yyval.string, yyvsp[(1) - (2)].string, len1 - 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:12182:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(yyval.string + len1 - 1, yytext + 1, len2);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:80:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:224:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileStack[30][797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:404:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:870:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileStack[30][797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:893:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:915:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:923:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[17];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:972:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char includeFile[797] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:1009:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[17];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:2535:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((struct LexerBackup *)(((char *)backup + __ecereClass_LexerBackup->offset)))->include_stack, include_stack, sizeof (include_stack));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:2536:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((struct LexerBackup *)(((char *)backup + __ecereClass_LexerBackup->offset)))->fileStack, fileStack, sizeof (fileStack));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:2537:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((struct LexerBackup *)(((char *)backup + __ecereClass_LexerBackup->offset)))->sourceFileStack, sourceFileStack, sizeof (sourceFileStack));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:2538:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((struct LexerBackup *)(((char *)backup + __ecereClass_LexerBackup->offset)))->locStack, locStack, sizeof (locStack));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:2539:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((struct LexerBackup *)(((char *)backup + __ecereClass_LexerBackup->offset)))->declModeStack, declModeStack, sizeof (declModeStack));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:54:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char sourceFileStack[30][797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:174:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:535:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileStack[30][797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:684:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:685:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:686:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:697:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1String[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:698:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2String[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:736:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1136:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1137:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1303:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1310:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1322:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1385:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "DCOMClient_";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1453:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1455:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, line, (int)(equal - line));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1470:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1512:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1571:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1621:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1733:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1757:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1781:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1897:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysFileName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1908:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1913:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileModule[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1930:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[17];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1932:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symFile[797];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:2061:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configDir[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:2076:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:1829:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[274] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:1830:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origName[274] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:3237:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:3238:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:3404:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[274] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:3405:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origName[274] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:3988:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:4012:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "uint64");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:4420:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[274] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/output.c:5175:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:237:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(output, "__ecereNameSpace__");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1757:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1758:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1759:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constructorName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:1760:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destructorName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2035:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classDataStructName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2039:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classDataStructName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2056:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2077:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(destructorName, "__ecereDestructor_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2133:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(constructorName, "__ecereConstructor_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2254:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2259:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2261:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2291:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2293:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2349:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2351:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_IsSet_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2379:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2387:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2422:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2429:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "class::__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2431:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2465:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "class::__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2467:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2538:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(newId, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1557:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1765:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataMemberSize[16];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1770:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dataMemberSize, "%d", (int)sizeof(struct __ecereNameSpace__ecere__com__DataMember *));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1776:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1788:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1790:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1798:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1800:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1819:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1834:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024], nameM[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1848:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1850:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1858:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1860:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1879:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1883:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nameM, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1898:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1900:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1902:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_IsSet_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1944:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1946:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", bitMember->size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1950:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1952:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", bitMember->pos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1982:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[200];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1984:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "\"__ecerePrivateData%d\"", privateID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1988:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[200];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1990:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "\"byte[%d]\"", offset);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1994:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1996:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", offset);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2032:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2043:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", member->dataType->size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2051:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", member->dataType->alignment);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2079:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberName[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2081:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(memberName, "dataMember%d", memberCount);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2128:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024], nameM[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2130:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2134:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nameM, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2146:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2160:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2162:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2170:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2172:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2229:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char registerName[1024], moduleName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2264:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char registerName[1024], moduleName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2414:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char watcherName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2420:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(watcherName, "__ecerePropertySelfWatcher_%d", propWatcherID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2504:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2505:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2527:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseName[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2569:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseStructName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2583:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classDataStructName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2585:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classDataStructName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2683:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2728:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2860:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberTypeString[132] = "TemplateMemberType::";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2891:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2903:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:3071:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:3163:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:3216:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:3217:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:285:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:457:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:464:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, "LL");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:470:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:483:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:494:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:507:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:514:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, "LL");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:520:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:531:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:533:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", (unsigned short)result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:539:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:542:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "0x%X", (int)result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:544:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", (int)result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:550:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:552:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "0x%X", result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:558:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:561:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "'%c'", result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:563:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", (int)result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:565:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "0x%X", (unsigned char)result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:571:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[350];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:576:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:578:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:583:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:585:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:588:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%.16ff", result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:594:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[350];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:599:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:601:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "inf");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:606:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:608:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "nan");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:611:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%.16f", result);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7193:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "dllexport ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7195:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "stdcall ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7827:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "const ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7836:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "typed_object");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7838:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "any_object");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7845:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " &");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7849:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "void");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7870:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "_Bool");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7876:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "float");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7879:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "double");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7884:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "struct ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7893:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "struct { ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7897:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "; ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7905:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "union ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7912:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "union ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7913:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "(unnamed)");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7919:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "enum ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7925:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "int");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7928:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "...");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7931:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "subclass(");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7939:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "thisclass");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7942:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "__builtin_va_list");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8222:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " const");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8225:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " (");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8236:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " *");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8239:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " const");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8476:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8496:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nameSpace, name, c + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8519:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8551:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8571:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "class");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8592:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8599:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char count[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8601:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(count, ":%d", type->bitFieldCount);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8755:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8758:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(curName, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8864:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8866:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9056:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9065:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(className, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9069:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(className, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9102:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9111:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(className, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9115:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(className, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9257:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constant[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9318:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constant[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9321:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(constant, "%d", (int)classProp->Get(_class));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9344:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(setName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9346:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(setName, "_Set_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9348:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(getName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9350:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(getName, "_Get_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9544:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9554:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9564:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9861:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9865:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereFunction_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9875:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024], propNameM[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9876:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9880:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9884:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propNameM, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:10299:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:10301:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:10335:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sizeString[50];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:10337:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sizeString, "%d", maxSize - totalSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:10746:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11004:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11039:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11042:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", e->expType->size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11060:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11074:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11078:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "__internalValue%03X", internalValueCounter++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11179:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11288:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11385:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11453:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constant[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11676:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expression[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:11959:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:12687:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13057:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13182:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13233:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13240:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13271:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13275:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13315:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13459:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13584:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, value->__anon1.instance->data, type->size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13656:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14020:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14354:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14356:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14663:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14675:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[16];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14677:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereInstMeth_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14682:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(number, "_%08d", instMethodID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15235:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iteratorType[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15300:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeStringBuf[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15487:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char count[128];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15489:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(count, "%d", builtinCount);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15620:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char watcherName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15624:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(watcherName, "__ecerePropertyWatcher_%d", propWatcherID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15626:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(watcherName, "_delete");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15662:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15667:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15671:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15809:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15814:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15818:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16066:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16069:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16143:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16146:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16170:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16173:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16181:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16187:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereFunction_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16235:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if((int)((unsigned char *)constant)[1] > 127)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16519:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16663:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1String[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16664:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2String[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16960:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString1[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16961:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString2[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16962:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16963:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17131:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString1[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17132:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString2[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17133:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1String[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17134:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2String[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17234:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10000];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17247:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17396:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17463:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp1[1024], temp2[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17468:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp1, "__simpleStruct%d", curContext->simpleID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17478:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp2, "__simpleStruct%d", curContext->simpleID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17545:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17902:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thisClassTypeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17911:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisClassTypeString, param->defaultArg.__anon1.__anon2.memberString, colon - param->defaultArg.__anon1.__anon2.memberString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17925:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17964:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:17971:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18007:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18011:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18084:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18167:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18174:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(structName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18463:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18502:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18509:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18540:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18544:1: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18589:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18641:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18693:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18695:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18876:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18879:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(structName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18897:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeStringBuf[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18959:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19087:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19092:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19109:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19125:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19126:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19225:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19277:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19309:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19310:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19343:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19458:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pointerName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19463:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pointerName, "__ecerePointer_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19466:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19468:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19484:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:19486:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", _class->offset);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:148:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void * memcpy(void * , const void * , size_t size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1324:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1542:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1579:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pos[10];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1581:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos, "%d", bitMember->pos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1597:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1663:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1752:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1844:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:1964:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char registerName[1024], moduleName[274];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:2437:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:2440:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:2659:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:2661:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:2702:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:2898:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3039:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext->simpleID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3090:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3095:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", c->structSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3101:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3148:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecereTemp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3175:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ecereTemp, "__ecereInstance%d", tempCount);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3562:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3564:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3607:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(struct __ecereNameSpace__ecere__com__DataMember *) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3905:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3977:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3989:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass16.c:3994:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", c->structSize);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1694:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1699:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1723:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1725:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1738:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1740:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1871:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1937:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1940:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext->simpleID);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1963:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1966:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext->simpleID);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2067:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask[32], shift[10];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2076:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(shift, "%d", bitMember->pos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2146:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2231:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecereTemp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2236:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ecereTemp, "__ecTemp%d", exp->tempCount);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2419:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2423:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2739:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iteratorType[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2806:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2811:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2890:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2902:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2905:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "class");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2918:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2957:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2959:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3083:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3090:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "class");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3093:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3173:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3212:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3215:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", e->expType->size);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3266:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3296:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3299:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "__internalValue%03X", internalValueCounter++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3362:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3370:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "class");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3374:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3500:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[2048] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3562:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3578:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3584:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext->simpleID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3618:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3627:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext->simpleID++);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3700:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[2048];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3731:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3738:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3745:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3747:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3772:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3837:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask[32], shift[10];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3847:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(shift, "%d", bitMember->pos);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3860:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pointerName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3862:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pointerName, "__ecerePointer_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3872:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3873:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3875:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3894:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecereTemp[100];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3902:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ecereTemp, "__ecTemp%d", exp->tempCount);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3921:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3923:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", c->offset);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3960:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3962:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", c->offset);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:4088:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:4092:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:4126:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:4135:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(typeString, "void *");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c:321:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newID[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c:326:1: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(newID, "__ecereNameSpace__");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c:1104:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c:1119:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024] = "";
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c:175:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fopen(const char * path, const char * mode);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:245:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultOutputFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:462:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_F_STRING*3];
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:510:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char impFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:512:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:513:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mainModuleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:554:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char junk[4096];
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:569:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symFile[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:570:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:178:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataTypeString[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:228:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:280:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:477:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseName[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:683:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:696:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "::");
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:822:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[8192];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:899:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:924:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:956:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1210:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[8192];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1329:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultSymFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1527:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_F_STRING*3];
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1582:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char junk[4096];
data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec:21:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[65536];
data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec:77:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*s + stringLen, line+1, len-2);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mainModuleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char projectName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:46:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:321:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:372:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:396:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char functionName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:407:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:428:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:521:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:556:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classID[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:557:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:563:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classID, "_class");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:589:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:615:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char functionName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:670:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:722:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:750:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:885:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:886:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:897:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:925:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:926:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:938:31: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1057:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1058:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1076:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1077:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1089:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1112:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1113:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1124:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1271:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1272:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1283:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1311:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1312:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1324:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1452:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1453:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1465:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1491:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1492:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1503:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1724:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1725:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbolModule[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1758:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[16384];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1760:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[512];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1785:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1810:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[16384];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1812:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[512];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1839:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1840:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1848:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(moduleName, ".ec");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1854:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1892:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[65536];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1982:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char potFileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1985:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(potFileName, "locale");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:78:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:81:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, string, c+1);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:295:43: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
pair.string = new byte[len-2+1]; memcpy(pair.string, string+1, len-2); pair.string[len-2] = '\0';
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:296:81: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(context) { len = strlen(context); pair.context = new byte[len-2+1]; memcpy(pair.context, context+1, len-2); pair.context[len-2] = '\0'; }
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:321:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgid+1, context+1, lenContext-2);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:323:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgid+1+lenContext-2+1, string+1, lenString-2);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:324:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgid+1+lenContext-2+1+lenString-2, "\"", 2);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:748:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:752:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:759:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:766:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, inst.exp.identifier.string, stringLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:789:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:796:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:800:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:807:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:813:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, id.string, stringLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:940:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:944:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:951:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:957:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, id.string, stringLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:978:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:979:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d",d.initializer.list->count);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:985:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1004:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", count);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1217:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1221:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1228:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1234:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, id.string, stringLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1358:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1364:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1370:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1417:29: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(arg.prev) strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1421:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1472:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1473:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "DCOMClient_");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1484:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1491:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nameSpace, name, c - name - 2);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1764:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1771:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1778:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1785:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + len, className, stringLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1802:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameBuffer[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1806:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(nameBuffer, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1854:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1959:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2161:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2174:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fullName, defaultNameSpace, defaultNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2181:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fullName + len, currentNameSpace, currentNameSpaceLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2187:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fullName + len, name, stringLen);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2993:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idString[32];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2994:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2996:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idString, "%d", id);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2997:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:3031:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcFileFixed[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:3032:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char potFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:167:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:168:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:170:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, exp.db.table+1, len-2);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:181:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:182:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:184:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, exp.db.table+1, len-2);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:195:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:196:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:198:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, exp.db.table+1, len-2);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:215:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numIndexesString[16];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:275:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(numIndexesString, "%d", numIndexes);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:719:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:720:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rowClassName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:723:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tableID[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:724:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameField[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:731:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tableName, table.name+1, len-2);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:800:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldID[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:816:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:989:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldID[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1079:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indexID[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1083:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[16];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1109:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldID[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1111:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num, "%d", c);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:1119:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(num, "%d", c);
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:298:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:299:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1[1024], type2[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1660:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[10000];
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1711:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[10000];
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1712:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/ecdefs.ec:1766:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256];
data/ecere-sdk-0.44.15/compiler/libec/src/expression.ec:3301:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/ecere-sdk-0.44.15/compiler/libec/src/expression.ec:3318:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yyformat[sizeof yyunexpected
data/ecere-sdk-0.44.15/compiler/libec/src/expression.ec:4378:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:36:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataTypeString[8192];
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:95:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[8192];
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:157:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[8192];
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:321:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseName[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:517:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/firstPass.ec:536:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/freeAst.ec:397:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugExpString[4096];
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:11385:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:11402:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yyformat[sizeof yyunexpected
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:13434:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:20021:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:20022:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "__asm__(");
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:22271:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((yyval.string), (yyvsp[(1) - (2)].string), len1-1);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:22272:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((yyval.string) + len1-1, yytext+1, len2);
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:1283:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileStack[MAX_INCLUDE_DEPTH][MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3461:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3483:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3493:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3559:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char includeFile[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3597:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3663:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileStack[MAX_INCLUDE_DEPTH][MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3688:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup.include_stack, include_stack, sizeof(include_stack));
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3689:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup.fileStack, fileStack, sizeof(fileStack));
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3690:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup.sourceFileStack, sourceFileStack, sizeof(sourceFileStack));
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3691:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup.locStack, locStack, sizeof(locStack));
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3692:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup.declModeStack, declModeStack, sizeof(declModeStack));
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:13:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char sourceFileStack[MAX_INCLUDE_DEPTH][MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:51:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:52:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:140:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:156:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:168:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:242:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "DCOMClient_";
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:311:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:312:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, line, (int)(equal - line));
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:327:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:366:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:422:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:461:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:559:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:580:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:601:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:713:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysFileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:726:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:730:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileModule[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:749:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:751:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:872:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configDir[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:889:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:916:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
includes = renew includes char *[numIncludes+1];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:930:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:1010:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1String[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:1011:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2String[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:135:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:372:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:373:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origName[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:613:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:640:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "uint64");
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:1105:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:1106:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origName[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:1186:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:1187:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/output.ec:1330:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:25:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(output, "__ecereNameSpace__");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:395:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:396:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:397:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constructorName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:398:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destructorName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:749:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classDataStructName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:753:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classDataStructName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:772:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:800:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(destructorName, "__ecereDestructor_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:889:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(constructorName, "__ecereConstructor_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1072:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1076:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1078:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1124:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1126:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1188:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1190:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_IsSet_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1234:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1244:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1287:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1293:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "class::__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1295:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1372:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "class::__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1374:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1475:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(newId, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:269:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char registerName[1024], moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:311:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char registerName[1024], moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:352:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataMemberSize[16];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:358:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dataMemberSize, "%d", (int)sizeof(DataMember));
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:364:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:380:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:382:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:392:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:394:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:419:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:438:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024], nameM[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:457:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:459:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:468:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:470:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:492:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:497:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nameM, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:516:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:517:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:519:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_IsSet_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:575:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:576:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", bitMember.size);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:581:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:582:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", bitMember.pos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:621:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[200];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:622:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "\"__ecerePrivateData%d\"", privateID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:627:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[200];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:628:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "\"byte[%d]\"", offset);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:633:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:634:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", offset);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:685:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:696:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", member.dataType.size);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:705:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", member.dataType.alignment);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:740:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberName[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:741:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(memberName, "dataMember%d", memberCount);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:811:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024], nameM[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:813:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:818:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nameM, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:834:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:853:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:855:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Set_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:864:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereClassProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:866:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "_Get_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:889:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1006:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char watcherName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1012:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(watcherName,"__ecerePropertySelfWatcher_%d", propWatcherID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1098:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1099:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1130:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseName[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1177:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseStructName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1198:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classDataStructName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1199:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classDataStructName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1353:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1401:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1563:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberTypeString[132] = "TemplateMemberType::";
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1594:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1606:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1805:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1912:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1960:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1961:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:204:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:210:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, "LL");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:216:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:228:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:238:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:250:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:256:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, "LL");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:262:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:272:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:273:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", (unsigned short)result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:279:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:281:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "0x%X", (int)result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:283:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", (int)result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:289:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:291:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "'%c'", result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:293:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", (int)result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:296:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "0x%X", (unsigned char)result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:302:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:303:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "0x%X", result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:309:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[350];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:313:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-inf");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:315:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "inf");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:320:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-nan");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:322:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "nan");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:325:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%.16ff", result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:331:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[350];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:335:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-inf");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:337:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "inf");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:342:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "-nan");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:344:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "nan");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:347:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%.16f", result);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:791:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expression[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1016:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1017:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1051:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sizeString[50];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1052:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sizeString, "%d", maxSize - totalSize);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1139:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1140:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1189:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1294:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1323:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(setName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1325:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(setName, "_Set_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1328:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(getName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1330:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(getName, "_Get_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1571:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1583:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1594:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1717:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1847:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1895:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1907:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1938:37: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(paramCount) strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1942:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1980:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2083:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2095:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[16];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2096:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereInstMeth_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2101:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(number, "_%08d", instMethodID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2578:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2585:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(!first) strcat(className, ", ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2589:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(className, " = ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2619:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2627:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(!first) strcat(className, ", ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2631:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(className, " = ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:3366:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:3457:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constant[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:3705:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:4924:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:5052:43: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, value.instance.data, type.size);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:5116:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:5424:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:5808:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6170:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6171:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6807:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6865:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameSpace[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6887:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nameSpace, name, c + 1);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6928:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6930:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(curName, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6983:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7000:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "const ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7010:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "typed_object");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7012:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "any_object");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7019:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " &");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7022:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case voidType: strcat(string, "void"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7029:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case _BoolType: strcat(string, "_Bool"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7031:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case floatType: strcat(string, "float"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7032:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case doubleType: strcat(string, "double"); break;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7036:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "struct ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7044:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "struct { ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7048:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string,"; ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7056:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "union ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7063:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "union ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7064:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string,"(unnamed)");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7070:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "enum ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7076:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "int"); // "enum");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7079:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "...");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7082:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "subclass(");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7090:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "thisclass");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7093:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "__builtin_va_list");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7118:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(type.dllExport) strcat(string, "dllexport ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7119:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(type.attrStdcall) strcat(string, "stdcall ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7130:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " const");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7133:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " (");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7144:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " *");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7147:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " const");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7166:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(param.next) strcat(string, ", ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7189:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "class");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7205:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7213:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char count[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7214:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(count, ":%d", type.bitFieldCount);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7316:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constant[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7385:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char constant[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7387:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(constant, "%d", (int)classProp.Get(_class));
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7473:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugExpString[4096];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7498:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7537:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7539:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", e.expType.size); // Potential 32/64 Bootstrap issue
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7566:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7587:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7590:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "__internalValue%03X", internalValueCounter++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7728:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024]; // Watch buffer overruns
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7894:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugExpString[4096];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8065:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8067:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8124:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8126:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8150:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8152:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8160:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8166:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereFunction_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8571:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8721:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1String[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8722:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2String[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9042:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString1[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9043:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString2[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9044:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9045:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9247:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString1[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9248:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString2[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9249:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1String[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9250:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2String[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9366:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10000];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9378:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9535:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9611:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp1[1024], temp2[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9617:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp1, "__simpleStruct%d", curContext.simpleID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9627:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp2, "__simpleStruct%d", curContext.simpleID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:9718:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10101:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thisClassTypeString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10111:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisClassTypeString, param.defaultArg.memberString, colon - param.defaultArg.memberString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10128:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10165:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10177:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10213:49: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(paramCount) strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10217:37: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10307:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10408:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10416:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(structName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10749:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10786:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10798:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10829:52: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(paramCount) strcat(templateString, ", ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10833:40: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10875:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10930:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10983:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10984:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11180:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11182:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(structName, "__ecereClassData_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11208:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeStringBuf[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11279:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11417:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11421:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11435:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240] ;
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11447:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type1[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11448:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type2[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11554:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:11611:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[10240];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12132:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024], propNameM[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12133:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12139:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12144:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propNameM, "__ecerePropM_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12364:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iteratorType[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12440:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeStringBuf[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12682:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char count[128];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12686:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(count, "%d", builtinCount);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12858:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char watcherName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12863:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(watcherName,"__ecerePropertyWatcher_%d", propWatcherID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12865:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(watcherName, "_delete");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12905:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12909:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12915:31: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13068:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13072:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13078:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(propName, "__ecereProp_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13125:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13126:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13166:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13289:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pointerName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13295:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pointerName, "__ecerePointer_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13298:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13299:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13318:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13319:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", _class.offset); // Need Bootstrap Fix
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13575:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13578:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereFunction_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:17:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char registerName[1024], moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:141:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:280:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:319:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pos[10];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:320:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos, "%d", bitMember.pos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:342:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:411:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:505:43: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:602:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:763:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugExpString[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:775:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:954:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext.simpleID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1023:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1027:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", c.structSize);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1033:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1087:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecereTemp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1113:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ecereTemp, "__ecereInstance%d", tempCount);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1644:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1645:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1689:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1974:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:1975:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "__anon%d", anonID);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:2015:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:2310:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:2402:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:2418:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:2422:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", c.structSize);
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:2722:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass16.ec:2724:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:222:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugExpString[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:239:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:243:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:274:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:276:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:293:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:294:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:437:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:509:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:512:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext.simpleID); //++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:542:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:545:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext.simpleID); //++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:668:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask[32], shift[10];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:678:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(shift, "%d", bitMember.pos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:772:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setName[1024], getName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:848:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecereTemp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:853:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ecereTemp, "__ecTemp%d", exp.tempCount);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1087:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1090:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1604:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iteratorType[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1680:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1684:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1772:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1788:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1792:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "class");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1811:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1875:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1876:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2042:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2049:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "class");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2053:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2154:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2208:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2210:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size, "%d", e.expType.size); // BOOTSTRAP FIX
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2268:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2307:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2309:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "__internalValue%03X", internalValueCounter++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2382:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2391:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "class");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2395:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2557:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[2048] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2623:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getName[1024], setName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2646:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2654:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext.simpleID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2693:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2708:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(className, "__simpleStruct%d", curContext.simpleID++);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2789:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[2048];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2821:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2832:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereVMethodID_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2839:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2841:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2868:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "__ecereMethod_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2938:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask[32], shift[10];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2947:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(shift, "%d", bitMember.pos);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2967:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pointerName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2969:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pointerName, "__ecerePointer_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2980:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structName[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2981:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2982:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3010:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecereTemp[100];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3018:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ecereTemp, "__ecTemp%d", exp.tempCount);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3039:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3040:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", c.offset);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3090:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3091:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", c.offset);
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3235:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3239:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "__ecereClass_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3281:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typeString[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:3291:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(typeString, "void *");
data/ecere-sdk-0.44.15/compiler/libec/src/pass3.ec:82:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass3.ec:96:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024] = "";
data/ecere-sdk-0.44.15/compiler/libec/src/pass3.ec:407:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newID[1024];
data/ecere-sdk-0.44.15/compiler/libec/src/pass3.ec:411:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(newID, "__ecereNameSpace__");
data/ecere-sdk-0.44.15/compiler/libec/src/type.ec:3720:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/ecere-sdk-0.44.15/compiler/libec/src/type.ec:3737:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yyformat[sizeof yyunexpected
data/ecere-sdk-0.44.15/compiler/libec/src/type.ec:4896:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:42:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * iconNames[CodeObjectType] =
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:64:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curName[256];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:67:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(templateString, n, lt-n);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:69:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, "</a>");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:89:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, "<");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:91:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, ">");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:93:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, ", ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:116:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "const ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:128:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[20];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:130:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hex, "%p", type._class.registered.templateClass ? type._class.registered.templateClass : type._class.registered);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:131:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "<a href=\"api://");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:133:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "\" style=\"text-decoration: none;\">");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:136:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char n[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:142:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "</a>");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:183:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " *");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:187:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case voidType: strcat(string, "void"); break;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:192:26: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case floatType: strcat(string, "float"); break;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:193:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case doubleType: strcat(string, "double"); break;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:197:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "struct ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:211:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "struct {");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:215:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string,"; ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:223:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "union ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:232:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "union ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:233:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string,"(unnamed)");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:239:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "enum ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:247:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "enum");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:254:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "dllexport ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:270:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "<b>");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:272:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "</b>");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:284:34: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(param.next) strcat(string, ", ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:320:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char baseType[1024], size[256];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:359:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "...");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:365:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "subclass(");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:404:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(param.next) strcat(string, ", ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:503:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[20];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:505:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hex, "%p", module);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:508:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hex, "%p", object);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:511:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hex, "%p", data);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:515:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "namespace");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:517:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "function");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:519:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "class");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:521:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "method");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:524:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "description");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:526:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "usage");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:528:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "remarks");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:530:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "example");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:532:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "seeAlso");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:534:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "enumerationValue");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:536:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "definition");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:538:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "conversion");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:540:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "memberDescription");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:542:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "propertyDescription");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:544:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "parameter");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:546:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "returnValue");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:551:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char docPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:556:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsName[1024], temp[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:604:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:799:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsName[1024], temp[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:808:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(nsName[0]) strcat(temp, "::");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:828:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(nsName[0]) strcat(temp, "::");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:844:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:875:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:916:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:955:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:991:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1027:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1030:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsName[1024], temp[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1038:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(nsName[0]) strcat(temp, "::");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1101:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1130:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1142:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1172:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1212:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1261:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1307:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1346:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1370:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1391:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1413:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1456:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1489:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1492:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsName[1024], temp[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1499:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(nsName[0]) strcat(temp, "::");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1535:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1575:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1605:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1630:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1651:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1671:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1690:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1723:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1726:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsName[1024], temp[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1733:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(nsName[0]) strcat(temp, "::");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1769:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1808:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1838:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1863:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1884:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1904:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1923:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1941:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nsName[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1953:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(nsName, "::");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2057:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2078:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2234:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Button open
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2381:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2382:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2384:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char symbolsDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2509:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[20];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2510:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hex, "%p", (void *)(uintptr)row.tag);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2575:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[64];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2579:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(location, "api://%p", history[historyPos]);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2592:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[64];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2596:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(location, "api://%p", history[historyPos]);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2641:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char editString[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2652:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char docDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2725:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char docPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2726:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2727:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char part[MAX_FILENAME];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3047:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3292:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(startSelBlock.text + startSel, endSelBlock.text + endSel, endSelBlock.textLen - endSel + 1);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3326:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(selection, textBlock.text + start, len);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3357:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(selection + totalLen, b.text + start, len);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3378:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb.text, s, len + 1);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3908:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prevBlock.text + prevBlock.textLen, textBlock.text, textBlock.textLen + 1);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3959:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(textBlock.text + textBlock.textLen, nextBlock.text, nextBlock.textLen + 1);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4006:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newBlock.text, textBlock.text + curPosition, textBlock.textLen - curPosition + 1);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4062:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(textBlock.text + curPosition, text + start, len);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4082:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newBlock.text, textBlock.text + curPosition, textBlock.textLen - curPosition + 1);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4109:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[5];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4399:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char programFilesDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4400:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appData[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4401:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char homeDrive[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4402:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char winDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4489:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:77:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldDocFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:78:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char docFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:100:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char writeTestFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:133:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:296:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:305:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(s);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:518:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:519:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:521:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char symbolsDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:635:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char startName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:53:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:71:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeString[100]; //28]; I18n strings take up more characters
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:98:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:126:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * afterSlash, rest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:134:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char letter[10];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:135:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(letter, "_%cdrive", toupper(listing.name[0]));
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:251:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceFileName[MAX_FILENAME], sourceDirectory[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:252:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archiveName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:254:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char existingFilePath[MAX_LOCATION], * existingFile;
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:285:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputPart[MAX_FILENAME], outputRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:286:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourcePart[MAX_FILENAME], sourceRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:318:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archiveName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:526:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archivePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:577:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archive[MAX_LOCATION], fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:606:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:607:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:608:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputFile[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:620:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * afterSlash, rest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:628:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char letter[10];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:629:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(letter, "_%cdrive", toupper(argv[c][0]));
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:672:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_LOCATION], directory[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:731:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:741:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_LOCATION], directory[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:763:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:780:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:787:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newName[MAX_FILENAME] = "", rest[MAX_FILENAME];
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:792:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION], directory[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:800:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char existingFilePath[MAX_LOCATION], * existingFile;
data/ecere-sdk-0.44.15/ear/cmd/emear.ec:12:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/cmd/emear.ec:13:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[16384];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:7:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char archivePath[MAX_LOCATION], archive[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:13:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:43:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * afterSlash, rest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:51:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char letter[10];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:52:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(letter, "_%cdrive", toupper(listing.name[0]));
data/ecere-sdk-0.44.15/ear/extract/extract.ec:75:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:171:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:216:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_LOCATION];
data/ecere-sdk-0.44.15/ear/extract/extract.ec:290:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[1024];
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:569:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodeString[10] = "";
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:573:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nodeString, "%d", (int)key);
data/ecere-sdk-0.44.15/ecere/src/com/OldList.ec:17:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)this + sizeof(class Item), (byte *)src + sizeof(class Item), size - sizeof(Item));
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:199:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION] = "", archiveName[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:227:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fileName, addedPath, len);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:299:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_FILENAME * 16];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:343:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "..");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:377:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fileName, "..");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:419:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION] = "", archiveName[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:447:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fileName, addedPath, len);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:517:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_FILENAME * 16];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:563:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "..");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:597:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fileName, "..");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:648:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathPart[MAX_FILENAME * 16], pathRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:649:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toPart[MAX_FILENAME * 16], toRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:665:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(destination, "..");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:714:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[8];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:715:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "%%.0%df", prec);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:719:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " GB");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:724:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " MB");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:729:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " KB");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:733:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d B", size);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:740:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[8];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:741:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "%%.0%df", prec);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:745:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " TB");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:750:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " GB");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:755:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " MB");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:760:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " KB");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:764:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%.0f B", size);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1031:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, string, len + 1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1086:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1088:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(string);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1093:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1149:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ofPart[MAX_FILENAME], ofRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1150:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathPart[MAX_FILENAME], pathRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1220:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_string, value, newLen);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1301:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_string + len, s._string, addedLen);
data/ecere-sdk-0.44.15/ecere/src/com/containers/AVLTree.ec:20:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)(((byte *)&(uint64)node.key) + __ENDIAN_PAD(sizeof(void *))), (void *)value, class(AT).structSize);
data/ecere-sdk-0.44.15/ecere/src/com/containers/AVLTree.ec:36:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)(((byte *)&(uint64)node.key) + __ENDIAN_PAD(sizeof(void *))), (void *)value, class(AT).structSize);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Array.ec:43:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(piv, (char *)base + L*w, w);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Array.ec:49:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)base + L*w, (char *)base + R*w, w);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Array.ec:55:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)base + R*w, (char *)base + L*w, w);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Array.ec:59:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)base + L*w, piv, w);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Array.ec:357:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array, ((Array)source).array, count * class(T).typeSize);
data/ecere-sdk-0.44.15/ecere/src/com/containers/BuiltInContainer.ec:113:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itemString[4096];
data/ecere-sdk-0.44.15/ecere/src/com/containers/BuiltInContainer.ec:124:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(!first) strcat(tempString, ", ");
data/ecere-sdk-0.44.15/ecere/src/com/containers/Container.ec:254:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itemString[4096];//1024];
data/ecere-sdk-0.44.15/ecere/src/com/containers/Container.ec:268:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(!first) strcat(tempString, ", ");
data/ecere-sdk-0.44.15/ecere/src/com/containers/List.ec:25:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&link.data, (void *)(uintptr)value, class(LLT).structSize);
data/ecere-sdk-0.44.15/ecere/src/com/containers/List.ec:39:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&link.data, (void *)value, sType);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Map.ec:89:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&node.value, (void *)value, class(V).structSize);
data/ecere-sdk-0.44.15/ecere/src/com/containers/Map.ec:246:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)&node.key + __ENDIAN_PAD(Tclass.typeSize), (byte *)&pos + __ENDIAN_PAD(Tclass.typeSize), Tclass.typeSize);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:147:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_buffer + count, bytes, numBytes);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:159:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bytes, _buffer + pos, read);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:600:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[1024];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:672:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char internalMemberString[1024];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:689:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, "{ ");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:691:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, " }");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:716:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char internalMemberString[1024];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:722:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, " { ");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:724:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(memberString, " }");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:771:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, ", ");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:775:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, " = ");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:789:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, "\\\"");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:794:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, "\\\\");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:897:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberName[1024];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:898:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memberString[10240];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1038:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(int) * _subMemberStackPos);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1146:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, newData, _class.typeSize);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1156:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, newData, _class.typeSize);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1403:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", *data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1422:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", (int)*data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1463:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%u", *data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1480:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%u", (uint)*data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1487:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%x", *data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1528:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%u", (int)*data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1537:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if(ch == '\t') strcpy(string, "'\\t'");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1538:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else if(ch == '\n') strcpy(string, "'\\n'");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1539:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else if(ch == '\r') strcpy(string, "'\\r'");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1540:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else if(ch == '\a') strcpy(string, "'\\a'");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1541:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else if(ch == '\\') strcpy(string, "'\\\\'");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1542:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else if(ch < 32 || ch >= 127) sprintf(string, "'\\x%x'", ch);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1543:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(string, "'%c'", ch);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:1546:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%c", *data);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2012:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-inf");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2014:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "inf");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2019:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-nan");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2021:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "nan");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2030:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[10];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2034:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "%%.%df", numDigits);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2160:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-inf");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2162:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "inf");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2167:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "-nan");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2169:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "nan");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2178:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%.15g", f);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2180:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%.13lf", f);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2255:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2304:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, newData, len+1);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2321:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, newData, len+1);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2452:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, result, len);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2471:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + len, result, newLen);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2504:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2511:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, buffer, len + 1);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2518:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2525:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, buffer, len);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2540:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2554:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:122:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exeLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:204:10: [2] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant string.
wcscat(_wmoduleName, L".exe");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:254:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exeName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:257:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/proc/self/status", "r");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:259:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/proc/curproc/status", "r");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:263:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1025];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:280:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/proc/self/maps", "r");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:282:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/proc/curproc/map", "r");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:286:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1025];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:315:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:336:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:342:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1025];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:390:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fileName, "/proc/curproc/file");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:448:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:449:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:463:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".dll");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:486:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fileName, "lib");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:491:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".dylib");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:493:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".so");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:511:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "/ec/lib");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:520:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".dylib");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:522:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".so");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:542:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fileName, "lib");
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:546:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".dylib");
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:75:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * frames[MAX_STACK_FRAMES];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:703:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * allocLoc[MAX_MEMORY_LOC];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:704:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * freeLoc[MAX_MEMORY_LOC];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1386:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newPointer, pointer, Min(size, block.size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1443:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newPointer, pointer, Min(size, block.size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1513:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.allocLoc, stack.frames + stack.pos - Min(stack.pos, MAX_MEMORY_LOC), Min(stack.pos, MAX_MEMORY_LOC) * sizeof(char *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1580:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.allocLoc, stack.frames + stack.pos - Min(stack.pos, MAX_MEMORY_LOC), Min(stack.pos, MAX_MEMORY_LOC) * sizeof(char *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1664:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)pointer + REDZONE, (byte *)block.key, Min(block.size, size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1671:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)pointer + REDZONE, block.oldmem, Min(block.size, size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1675:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.freeLoc, stack.frames + stack.pos - Min(stack.pos, MAX_MEMORY_LOC), Min(stack.pos, MAX_MEMORY_LOC) * sizeof(char *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1676:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)pointer + REDZONE, (byte *)block.key, Min(block.size, size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1681:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.oldmem - REDZONE, (byte *)block.key - REDZONE, block.size + 2 * REDZONE);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1694:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.allocLoc, stack.frames + stack.pos - Min(stack.pos, MAX_MEMORY_LOC), Min(stack.pos, MAX_MEMORY_LOC) * sizeof(char *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1777:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)pointer + REDZONE, (byte *)block.key, Min(block.size, size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1784:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)pointer + REDZONE, block.oldmem, Min(block.size, size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1788:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.freeLoc, stack.frames + stack.pos - Min(stack.pos, MAX_MEMORY_LOC), Min(stack.pos, MAX_MEMORY_LOC) * sizeof(char *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1789:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)pointer + REDZONE, (byte *)block.key, Min(block.size, size));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1794:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.oldmem - REDZONE, (byte *)block.key - REDZONE, block.size + 2 * REDZONE);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1807:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.allocLoc, stack.frames + stack.pos - Min(stack.pos, MAX_MEMORY_LOC), Min(stack.pos, MAX_MEMORY_LOC) * sizeof(char *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1926:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.oldmem - REDZONE, (byte *)block.key - REDZONE, block.size + REDZONE * 2);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1930:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block.freeLoc, stack.frames + stack.pos - Min(stack.pos, MAX_MEMORY_LOC), Min(stack.pos, MAX_MEMORY_LOC) * sizeof(char *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1956:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, a + c, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1957:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a + c, b + c, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:1958:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b + c, buffer, s);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2194:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)_class.data, (byte *)base.data, totalSizeClass - _class.sizeClass);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2214:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_class._vTbl + baseClass.vTblSize, mod._vTbl + baseClass.vTblSize, (mod.base.vTblSize - baseClass.vTblSize) * sizeof(void *));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2694:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateClassName[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2726:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_class.data, base.data, offsetClass);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3264:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3428:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char noTemplateName[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3446:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3554:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(templatedClass.templateArgs, templatedClass.base.templateArgs,
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3603:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ident[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3695:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3700:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, equal, paramEnd - equal);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3705:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, paramStart, paramEnd - paramStart);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3864:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char templateString[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3893:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argument[256];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3932:49: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(paramCount) strcat(templateString, ", ");
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3936:37: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(templateString, " = ");
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:4086:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:4089:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(className, memberString, colon - memberString);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:5260:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance._vTbl, instance._class._vTbl,
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:5611:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:5612:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6550:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eSystem_RegisterFunction("atoi", "int atoi(const char*)", atoi, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6588:93: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
eSystem_RegisterFunction("memcpy", "void * memcpy(void *, const void *, uintsize size)", memcpy, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6736:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6739:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(className, param.defaultArg.memberString, colon - param.defaultArg.memberString);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6817:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * platformNames[Platform] = { "", "win32", "linux", "apple" }; // how to have this be accessible outside of dll/lib
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7413:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7417:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "Total System Memory Usage: %.02f\n", TOTAL_MEM / 1048576.0f);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7426:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%8d bytes: %d blocks in %d parts (%.02f mb used; taking up %.02f mb space)\n",
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7471:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "Non-pooled memory: %.02f\n", OUTSIDE_MEM / 1048576.0f);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7473:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "Total Memory in use: %.02f\n", (float)(totalMemUsed + OUTSIDE_MEM) / 1048576.0f);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7476:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "Total Blocks Count: %d (%.02f mb overhead)\n", numBlocks, (float)sizeof(struct MemBlock) * numBlocks / 1048576.0f);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7479:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "MemoryGuard: %d blocks (%.02f mb RedZone, %.02f mb MemInfo)\n", memBlocks.count,
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:14:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "{ ");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:17:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "{ ");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:20:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char member[256];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:23:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(x < 3) strcat(string, ", ");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:25:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " }");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:26:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(y < 3) strcat(string, ", ");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Matrix.ec:28:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " }");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/Object.ec:666:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/Cube.ec:86:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/Cube.ec:91:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "Cube Face %d", c+1);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:84:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char materialName[280];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:85:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:135:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char materialName[280];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/meshes/SkyBox.ec:136:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:189:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char textureDirectory[MAX_DIRECTORY];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:214:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:743:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char matName[MAX_LOCATION + 100];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1080:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1081:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bumpName[MAX_LOCATION+5];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1094:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bumpName, "BUMP:");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1132:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char specName[MAX_LOCATION+5];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1133:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(specName, "SPEC:");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1260:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char matName[MAX_LOCATION + 100];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1359:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetName[MAXNAMELEN];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1362:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(targetName, ".target");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1509:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetName[MAXNAMELEN];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1517:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(targetName, ".target");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1971:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetName[MAXNAMELEN];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1976:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(targetName, ".target");
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2113:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetName[MAXNAMELEN];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2118:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(targetName, ".target");
data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec:55:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec:425:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(picture, source.picture, sizeBytes);
data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec:516:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec:792:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec:958:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:52:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:76:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[256];
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:84:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(stringOutput, "r = "); strcat(stringOutput, colorValue);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:92:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(stringOutput, ", g = "); strcat(stringOutput, colorValue);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:100:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(stringOutput, ", b = "); strcat(stringOutput, colorValue);
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:107:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if(!atoi(string) && (((DefinedColor)this).class::OnGetDataFromString(string) ||
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:116:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:656:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:722:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:775:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[256];
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:862:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gfx/Display.ec:1549:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(points, newPoints, newN * sizeof(Vector3D));
data/ecere-sdk-0.44.15/ecere/src/gfx/DisplaySystem.ec:89:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fonts[32];
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:317:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:332:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:393:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D8DisplayDriver.ec:1453:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vertices, mesh.vertices, mesh.nVertices * sizeof(Vector3Df));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D8DisplayDriver.ec:1462:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(normals, mesh.normals, mesh.nVertices * sizeof(Vector3Df));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D8DisplayDriver.ec:1471:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(texCoords, mesh.texCoords, mesh.nVertices * sizeof(Pointf));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D8DisplayDriver.ec:1514:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(indexBuffer, d3dIndices.indices, indices32bit ? sizeof(uint32) : sizeof(uint16) * d3dIndices.nIndices);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D9DisplayDriver.ec:1479:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vertices, mesh.vertices, mesh.nVertices * sizeof(Vector3Df));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D9DisplayDriver.ec:1488:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(normals, mesh.normals, mesh.nVertices * sizeof(Vector3Df));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D9DisplayDriver.ec:1497:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(texCoords, mesh.texCoords, mesh.nVertices * sizeof(Pointf));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Direct3D9DisplayDriver.ec:1540:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(indexBuffer, d3dIndices.indices, (indices32bit ? sizeof(uint32) : sizeof(uint16)) * d3dIndices.nIndices);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/GDIDisplayDriver.ec:74:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char faceName[512];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec:1962:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pic, tmp, w*4);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec:1973:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp.picture + convBitmap.width * 4 * y,
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/OpenGLDisplayDriver.ec:1977:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(convBitmap.picture, tmp.picture, convBitmap.sizeBytes);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32BitmapPrinterDisplayDriver.ec:266:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32PrinterDisplayDriver.ec:298:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/XDisplayDriver.ec:1758:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char list[32] = { 0 };
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:87:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:89:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsPos[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:92:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsDiffuse[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:95:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsAmbient[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:98:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsSpecular[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:101:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsAtt[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:104:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsSpotDir[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:107:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsSpotCutOffCos[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:110:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "lightsSpotExp[%d]", i);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:402:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cubemap_matrix, m, 9 * sizeof(float));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:417:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(projection, m, 16 * sizeof(float));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:426:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(modelView, m, 16 * sizeof(float));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:443:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(normalsMatrix, m, 9 * sizeof(float));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/defaultShader.ec:450:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matTexture, m, 16 * sizeof(float));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/gl_compat_4_4.c:2879:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strExtensionName[512];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/gl_compat_4_4.c:2888:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(strExtensionName, extensions, space-extensions);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec:102:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrixStack[curStack][ix].array, matrix.array, sizeof(Matrix));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec:120:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrixStack[curStack][ix+1].array, matrixStack[curStack][ix].array, sizeof(Matrix));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec:145:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrixStack[curStack][ix].array, m, 16*sizeof(double));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec:153:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrixStack[curStack][ix].array, i, sizeof(Matrix));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec:266:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(i, matrixStack[ix][matrixIndex[ix]].array, sizeof(Matrix));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec:270:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(i, matrixStack[ix][matrixIndex[ix]].array, sizeof(Matrix));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/matrixStack.ec:274:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(i, matrixStack[ix][matrixIndex[ix]].array, sizeof(Matrix));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec:13:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char compileLog[65536];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec:162:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * vSources[2] = { definitions._string, vertexShaderSource };
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec:163:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * fSources[2] = { definitions._string, fragmentShaderSource };
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-arabic.c:129:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char arabic_group[0x150] = {
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-buffer.c:120:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( buffer->out_string, buffer->in_string, buffer->out_length * sizeof (buffer->out_string[0]) );
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-impl.h:106:40: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define MEM_Copy(dest,source,count) memcpy( (char*)(dest), (const char*)(source), (size_t)(count) )
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-indic.c:72:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char indicForms[0xe00-0x900] = {
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-indic.c:497:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char indicPosition[0xe00-0x900] = {
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-indic.c:1227:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reordered+1, item->string + item->item.pos, len*sizeof(HB_UChar16));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-indic.c:1230:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reordered, item->string + item->item.pos, len*sizeof(HB_UChar16));
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-khmer.c:362:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char properties[16];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-myanmar.c:272:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char properties[32];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-shaper.c:851:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char string[5];
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-tibetan.c:49:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tibetanForm[0x80] = {
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/harfbuzz/harfbuzz-tibetan.c:121:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reordered+1, str, len*sizeof(HB_UChar16));
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:20:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:42:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entryName[1024];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:43:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontFileName[1024];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:67:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if(atoi(entryName + c))
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:98:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:108:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkCfgPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:121:38: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(flags.bold && flags.italic) strcat(fileName, "bi");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:122:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if(flags.bold) strcat(fileName, "bd");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:124:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".ttf");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:132:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(flags.bold) strcat(fileName, "bd");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:133:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".ttf");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:142:41: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(flags.bold && flags.italic) strcat(fileName, "bi");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:143:30: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if(flags.bold) strcat(fileName, "bd");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:145:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".ttf");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:152:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(flags.bold) strcat(fileName, "bd");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:153:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, ".ttf");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:264:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char links[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:283:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[512];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:295:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(links + linksPos, line, len);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:320:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontName[1024];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:546:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:666:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[256];
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:672:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fileName, "font%d", fid);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:684:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fileName, "outline%d", fid);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:788:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char faceName[512];
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:34:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stringOutput, "%d", distance);
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:40:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stringOutput, "%f", percent);
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:128:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stringOutput, "%f", percent);
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:149:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stringOutput, "%d", distance);
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:181:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[256];
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:188:48: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "left = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:188:76: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "left = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:195:51: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "horz = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:195:79: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "horz = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:200:48: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "top = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:200:76: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "top = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:204:48: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "right = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:204:76: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "right = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:211:51: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "vert = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:211:79: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "vert = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:216:48: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "bottom = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:216:76: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(anchorValue[0]) { if(stringOutput[0]) strcat(stringOutput, ", "); strcat(stringOutput, "bottom = "); strcat(stringOutput, anchorValue); }
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:252:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[MAX_F_STRING] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:370:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:493:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:609:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/GuiApplication.ec:185:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appName[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/GuiApplication.ec:568:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char driverStorage[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:922:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(caption[0]) strcat(caption, " - ");
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:927:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[256];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:928:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(title, "Untitled %d", documentID);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:932:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(caption, " *");
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:943:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(caption[0]) strcat(caption, " - ");
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:948:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(caption[0]) strcat(caption, " - ");
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:954:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[256];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:955:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(title, "Untitled %d", activeClient.documentID);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:959:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(caption, " *");
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:2558:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[2048];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:2570:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[2048];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:2619:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[2048], caption[2048];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:2692:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[2048];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:4163:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in.array, infos.array, sizeof(TouchPointerInfo) * infos.size);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:6118:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[2048];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:7340:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:7556:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:7684:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:7685:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filePath, "Untitled %d", documentID);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10055:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%.2f", this);
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10076:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10087:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c._vTbl, wc.pureVTbl, c.vTblSize * sizeof(void *));
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10392:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(windowVTbl, value._vTbl, size * sizeof(void *));
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10396:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value._vTbl + size, value._class._vTbl + size, (value._class.vTblSize - size) * sizeof(void *));
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10412:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(window._vTbl, windowVTbl, class(Window).vTblSize * sizeof(void *));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/DataBox.ec:154:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/DropBox.ec:103:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[4096];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/DropBox.ec:258:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/DropBox.ec:408:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[4096];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/DropBox.ec:587:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[4096];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/DropBox.ec:894:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[4096];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:181:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((ArrayImpl)this).array, value, type.typeSize * size);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:724:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char searchString[1025], replaceString[1025];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:884:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + len, line.buffer, lineLen);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5100:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[5];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5219:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[5];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5533:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[5];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5556:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[5];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5625:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5644:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6341:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6522:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + read, (*&line.buffer) + x, numBytes);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:181:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tempString[4096];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:786:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1474:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1603:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1637:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1675:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1724:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:3147:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tempString[4096];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:4177:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:89:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char accelString[50] = "\t";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:109:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[50];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:123:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newText, text, length);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:42:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pathBox.browseDialog = { type = open, text = $"Select a file..." };
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:120:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:187:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char browsePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:208:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:246:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:303:53: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(browseDialog && browseDialog.type == open && typeExpected == directory)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:318:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(browseDialog.type == open && typeExpected == directory)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:322:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024] = "Select ";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:324:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, "...");
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:344:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:396:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:427:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(browseDialog.type == open)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:431:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024] = "Select ";
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:433:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, "...");
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ProgressBar.ec:32:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[10];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ProgressBar.ec:37:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(text, "%d%%", (int)(position * 100.0f / range));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/StatusBar.ec:253:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempText[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:128:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
public enum FileDialogType { open, save, selectDir, multiOpen };
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:140:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION], compared[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:276:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open.visible = true;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:277:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open.isDefault = true;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:294:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open.visible = false;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:295:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open.isDefault = false;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:461:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpDir[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:606:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open.disabled = okDisabled;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:615:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open.isDefault = false;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:624:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open.isDefault = true;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:672:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:759:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[3];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:761:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "\\\\");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:789:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(*selectedFileName, "\\\\");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:840:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION], compared[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:904:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:937:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, ", ");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:938:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat((char *)customFilter.extensions, ", ");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:940:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "*.");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:976:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentFileName[MAX_LOCATION], * curFileName = currentFileName;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1011:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
multiFilePaths = new char *[selections.count];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1039:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1083:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1114:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1147:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1178:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentDirectory[MAX_DIRECTORY];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1179:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1281:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Button open
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1318:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION] = "/";
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1328:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "\\\\");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1357:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1541:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentDirectory[MAX_DIRECTORY];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1566:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newDirPath[MAX_DIRECTORY];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/GoToDialog.ec:33:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
line = atoi(lineBox.contents);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/GoToDialog.ec:54:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
goTo.disabled = atoi(lineBox.contents) ? false : true;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec:157:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char contents[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec:354:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char contents[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:183:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[2], country[2];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:331:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(savedState, state, size);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:565:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char * androidArgv[1];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:927:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char loc[MAX_LOCATION] = "", mod[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/Win32Interface.ec:303:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lastMonitorAreas, monitorAreas, sizeof(monitorAreas));
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/Win32Interface.ec:678:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[2048];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/Win32Interface.ec:1738:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text, u16text, wordCount * 2);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:147:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *atomNames[AtomIdents] = {
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:1068:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:1413:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
joystickFD[0] = open("/dev/js0", O_RDONLY);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:1414:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
joystickFD[1] = open("/dev/js1", O_RDONLY);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:1415:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
joystickFD[2] = open("/dev/js2", O_RDONLY);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:1416:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
joystickFD[3] = open("/dev/js3", O_RDONLY);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:2767:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontString[1024] = "--helvetica-*-r-*-*-*-120-*-*-*-*-*-*,-misc-fixed-*-r-*-*-*-130-*-*-*-*-*-*";
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:3584:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(icon + 2, bitmap.picture, bitmap.width * bitmap.height * sizeof(uint32));
data/ecere-sdk-0.44.15/ecere/src/gui/skins/AquaSkin.ec:346:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char * skinBitmaps[SkinBitmap] =
data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec:121:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * skinBitmaps[SkinBitmap] =
data/ecere-sdk-0.44.15/ecere/src/gui/typeEdit.ec:84:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tempString[16384];
data/ecere-sdk-0.44.15/ecere/src/gui/typeEdit.ec:174:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[MAX_F_STRING] = "";
data/ecere-sdk-0.44.15/ecere/src/gui/typeEdit.ec:281:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string + size, line.text, line.count);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:33:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[24];
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:171:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
file.status = atoi(string);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:182:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
file.totalSize = atoi(string);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:198:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.contentType, string, len);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:214:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.contentDisposition, string, len);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:305:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.buffer + file.bufferCount, buffer, read);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:358:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server[1024];
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:359:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[1024];
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:372:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(server, serverStart, fileName - serverStart - 1);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:388:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(colon+1);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:451:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipAddress[1024];
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:540:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, " HTTP/1.1\r\nHost: ");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:543:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "\r\n");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:544:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "Accept-Charset: UTF-8\r\n");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:546:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "Connection: Keep-Alive\r\n");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:549:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "Referer: ");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:551:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "\r\n");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:553:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "\r\n");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:736:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + read, this.buffer + bufferPos, numbytes);
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:41:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[1]; // Rest follows, null terminated
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:67:39: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
static enum NetworkClientPacketType { open, close, read, getSize };
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:100:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.buffer + file.bufferCount, buffer + overlap, bytesToRead);
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:187:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, this.buffer, bytesRead);
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:188:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this.buffer, this.buffer + bytesRead, bufferCount - bytesRead);
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:249:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, buffer + newPosition - position, bufferCount - (newPosition - position));
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:487:55: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
PUTXDWORD(packet.type, NetworkClientPacketType::open);
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:227:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempBuffer, buffer, size);
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:393:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:802:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inetAddress[20];
data/ecere-sdk-0.44.15/ecere/src/net/dcom.ec:64:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1];
data/ecere-sdk-0.44.15/ecere/src/net/dcom.ec:439:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object.instance._vTbl, object.instance._class._vTbl, sizeof(int(*)()) * object.instance._class.vTblSize);
data/ecere-sdk-0.44.15/ecere/src/net/dcom.ec:463:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, callMethod, callMethod.size);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:58:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + totalBytesRead, fileBuffer, bytesRead);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:131:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this.buffer, this.buffer + missing, bufferPos - missing);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:140:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this.buffer + bufferPos, buffer, bytesToBuffer);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:147:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this.buffer, buffer + numBytes - bytesToBuffer, bytesToBuffer);
data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec:134:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[256];
data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec:177:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int numeric = atoi(value);
data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec:364:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[MAX_F_STRING] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec:513:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:211:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1];
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:331:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[129];
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:364:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * envTokens[129];
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.ec:75:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commandLine[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.ec:95:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commandLine[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:47:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:96:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namePart[MAX_FILENAME], nameRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:105:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:206:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namePart[MAX_LOCATION] = "", nameRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:383:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:576:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:643:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:773:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namePart[MAX_LOCATION] = "", nameRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:864:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namePart[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:886:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namePart[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:937:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namePart[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1213:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1362:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1444:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1500:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:385:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archive[MAX_LOCATION], * name;
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:388:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:399:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parent[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:437:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:524:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shareName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:623:37: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
case FOM_read: *input = fopen(fileName, "rb"); break;
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:624:38: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
case FOM_write: *output = fopen(fileName, "wb"); break;
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:625:38: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
case FOM_append: *output = fopen(fileName, "ab"); break;
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:626:47: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
case FOM_readWrite: *input = *output = fopen(fileName, "r+b"); break;
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:627:47: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
case FOM_writeRead: *input = *output = fopen(fileName, "w+b"); break;
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:628:47: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
case FOM_appendRead: *input = *output = fopen(fileName, "a+b"); break;
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:303:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileDialog.type = open;
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:582:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:597:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:608:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:703:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:705:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(string);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:710:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:717:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:724:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:945:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archiveName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:968:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archiveName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1067:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archiveName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1085:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archiveName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1178:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1188:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char archiveName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1213:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1261:16: [2] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant string.
wcscat(dir, L"*.*");
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1462:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1463:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1474:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION], compared[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1527:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1788:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1790:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "/tmp/");
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1793:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "XXXXXX");
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1795:9: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(buffer);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1800:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1817:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1818:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "/tmp/");
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1821:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "XXXXXX");
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1826:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:255:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "/etc/");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:280:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s + 1, settingsDirectory, len + 1);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:301:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "rc");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:585:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[92048];
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:607:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[256];
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:644:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[92048], outputLine[92048] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:684:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char integer[64];
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:685:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(integer, "%d", (int)(intptr)value);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:691:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(outputLine, "\r\n");
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:248:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:560:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unicode[4];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:774:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:775:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(className, "Array");
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:963:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1124:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a = (byte)atoi(string);
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1250:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1272:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "0x%08X", value.ui);
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1295:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1312:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "0x%x", color);
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1335:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1388:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1502:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:124:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:143:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:176:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:195:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_FILENAME];
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:308:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commandLine[MAX_F_STRING*4];
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:344:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_F_STRING*4];
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:364:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:365:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desktop[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:393:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:257:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:314:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/System.ec:498:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec:27:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(buffer) memcpy(buffer, this.buffer + position, read);
data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec:50:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this.buffer + position, buffer, writeSize);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:191:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tzinfo, lpTimeZoneInformation, sizeof(TIME_ZONE_INFORMATION));
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:219:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:225:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d:", value);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:232:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d:", value);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:238:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d:", value);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:243:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%02d", value);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:674:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char ampm[2][3] = { "AM", "PM" };
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:693:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[20];
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:722:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * subTokens[20];
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:730:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(t-am-pm == 0) hour = atoi(subTokens[t]);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:731:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(t-am-pm == 1) minute = atoi(subTokens[t]);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:732:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(t-am-pm == 2) second = atoi(subTokens[t]);
data/ecere-sdk-0.44.15/ecere/src/sys/Time.ec:762:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(tokens[c]);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:29:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:31:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lcAll[256];
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:32:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char language[256];
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:33:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[256];
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:34:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lcMessages[256];
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:36:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char genericLocale[256];
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:65:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(locale, "zh_CN");
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:76:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(genericLocale, "zh_CN");
data/ecere-sdk-0.44.15/ecere/src/sys/memory.ec:40:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest,source,count);
data/ecere-sdk-0.44.15/ecere/src/sys/memory.ec:74:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest,source,count<<1);
data/ecere-sdk-0.44.15/ecere/src/sys/memory.ec:108:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest,source,count<<2);
data/ecere-sdk-0.44.15/ecere/src/sys/unicode.ec:406:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ecere/src/sys/units.ec:13:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "Inf");
data/ecere-sdk-0.44.15/ecere/src/sys/units.ec:15:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "-Inf");
data/ecere-sdk-0.44.15/ecere/src/sys/units.ec:17:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", this);
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:22:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:235:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ddl[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:335:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:373:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ddl[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:656:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[4096];
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:669:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[32];
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:670:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d", dRow.myRow[dFld.fldsPos]);
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:14:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:15:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[MAX_LOCATION];
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:86:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbLocator[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/PostgreSQL.ec:177:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:142:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:143:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[MAX_LOCATION];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:146:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:149:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ")(");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:152:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "))(CONNECT_DATA=(");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:155:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ")))");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:198:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_sli[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:265:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:279:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_sli1[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:280:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_sli2[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:288:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command, "SELECT DISTINCT(Table_Name) AS Name FROM EDA_TABLE_FIELDS");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:436:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_sli[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:441:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:442:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataType[256];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:553:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:596:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fullOrder, " ORDER BY ");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:604:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fullOrder, " ORDER BY ");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:607:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char order[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:610:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(c) strcat(order, ", ");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:614:45: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(fIndex->order == descending) strcat(order, " DESC");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:625:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:634:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char order[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1033:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1085:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char primaryKeyValueString[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1088:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1117:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(primaryKeyValueString, "%i", primaryKeyValueInt);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1188:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*(char **)data, sqlFld.p_sli, numBytes+1);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1225:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1228:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char primaryKeyValueString[1024];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1255:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(primaryKeyValueString, "%i", primaryKeyValueInt);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1312:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[11];
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1319:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(date, "%04i-%02i-%02i", year, month, day);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1365:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idValue[64];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:119:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:123:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(command, "CREATE TABLE eda_table_fields(Table_Name TEXT, Name TEXT, Type TEXT, Length INT);");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:216:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:224:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command, "SELECT name FROM sqlite_master WHERE type='table' AND name!='eda_table_fields';");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:285:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldName[256];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:286:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataType[256];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:301:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fieldName, bracket + start, d - start);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:304:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dataType, bracket + d + 1, c - d - 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:393:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:395:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(command, "BEGIN;");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:404:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:406:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(command, "COMMIT;");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:422:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[256];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:592:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * text = (const char *)sqlite3_value_text(values[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:595:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*(char **)data, text, numBytes+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:801:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:802:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataType[256];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:818:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dataType, "INTEGER");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:823:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dataType, "REAL");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:828:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dataType, "TEXT");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:833:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dataType, "TEXT");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:839:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dataType, "TEXT");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:951:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:954:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indexName[4096];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:959:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(indexFields, fieldIndexes, count * sizeof(FieldIndex));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:962:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(indexName, "index_");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:986:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char columnName[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:988:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(c > 0) strcat(command, ", ");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:991:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, ");");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1019:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1028:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rowCount = atoi(t[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1039:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fullOrder, " ORDER BY ROWID");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1045:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fullOrder, " ORDER BY ");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1048:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char order[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1051:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(c) strcat(order, ", ");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1055:66: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(fIndex->order == (flip ? ascending : descending)) strcat(order, " DESC");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1069:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1078:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char order[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1406:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char where[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1412:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(where, "` ");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1414:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(where, " ? OR (");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1418:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(where, " = ? AND (");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1423:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, "))");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1491:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char order[1024], command[2048];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1587:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char criterias[4096], command[4096], order[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1600:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(c) strcat(criterias, " AND `");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1602:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(criterias, "` = ?");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1812:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*(char **)data, text, numBytes+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1837:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:2019:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*(char **)data, text, numBytes+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:361:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mainPrompt[20]; /* First line prompt. default: "sqlite> "*/
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:362:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char continuePrompt[20]; /* Continuation prompt. default: " ...> " */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:500:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zLine, zTrans, nTrans);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:613:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colSeparator[20]; /* Column separator character for several modes */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:614:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rowSeparator[20]; /* Row separator character for MODE_Ascii */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:617:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nullValue[20]; /* The text to print when a NULL comes back from
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:619:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[FILENAME_MAX]; /* Filename for *out */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:1208:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zIn[nIn], zAppend, nAppend);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:1282:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zErrMsg, sqlite3_errmsg(db), nErrMsg);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:1995:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(zName, "rb");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2028:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(zFile, "wb");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2230:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(zFile, "wb");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2436:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zInsert+i, ",?", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2439:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zInsert+i, ");", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2687:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aHdr[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2763:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *azArg[50];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3147:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sCtx.in = fopen(sCtx.zFile, "rb");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3338:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
iotrace = fopen(azArg[1], "w");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3584:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
alt = fopen(azArg[1], "rb");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3669:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_argv[2], *new_colv[2];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3683:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_argv[2], *new_colv[2];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3759:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[200];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4382:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zLine,";",2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4398:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zSql, zLine+i, nLine+1-i);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4403:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zSql+nSql, zLine, nLine+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4415:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zPrefix[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4512:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( z ) memcpy(z, home_dir, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4545:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(sqliterc,"rb");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4614:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->colSeparator,SEP_Column, 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4615:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->rowSeparator,SEP_Row, 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4854:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.colSeparator,",",2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:13395:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zSelName[12]; /* Symbolic name of this SELECT use for debugging */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:13582:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char yDbMask[(SQLITE_MAX_ATTACHED+9)/8];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:15060:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SQLITE_PRIVATE const unsigned char sqlite3CtypeMap[256] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:16031:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[100]; /* Initial space */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:17148:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *z, zBuf[30];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:17419:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:17439:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:17458:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:17495:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:17683:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[20];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:18713:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTitle[100]; /* The title text */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:18883:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBt, &aAddr[1], pHdr->nBacktrace*sizeof(void*));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:18892:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, mem.zTitle, mem.nTitle);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:18959:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew, pPrior, (int)(nByte<pOldHdr->iSize ? nByte : pOldHdr->iSize));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:19065:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem.zTitle, zTitle, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:19089:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(zFilename, "w");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:19678:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pPrior, nOld);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:19680:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pPrior, nBytes);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:19736:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(zFilename, "w");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:20235:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pPrior, nOld);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:20356:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(zFilename, "w");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:22566:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew, p, db->lookaside.sz);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:22614:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zNew, z, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:22627:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zNew, z, (size_t)n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:22918:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[etBUFSIZE]; /* Conversion buffer */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23200:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+(prefix!=0),"Inf",4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23499:42: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( !isMalloced(p) && p->nChar>0 ) memcpy(zNew, p->zText, p->nChar);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23535:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->zText[p->nChar], z, N);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23555:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->zText[p->nChar-N], z, N);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23579:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zText, p->zBase, p->nChar+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23631:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[SQLITE_PRINT_BUF_SIZE];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23664:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[SQLITE_PRINT_BUF_SIZE];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23750:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zMsg[SQLITE_PRINT_BUF_SIZE*3]; /* Complete log message */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23779:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[500];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23860:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[500];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23901:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zLine[1000];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:23963:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zLine[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:24038:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zFlgs[30];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:24319:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char s[256]; /* State variables */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:24372:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char k[256];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:24413:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:24420:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:24924:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:25034:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:25191:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zBuf[20];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:25856:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOut, &u, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:25897:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pValue, &u, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:26329:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x,p,4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:26334:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x,p,4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:26339:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x,p,4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:26348:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,&v,4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:26351:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,&x,4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:26354:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,&x,4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:26625:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a, &x, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:27340:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aPadding[32];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:27624:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(zFile, flags, mode);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:28199:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->zCanonicalName, zAbsoluteName, n+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:28377:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aSemName[MAX_PATHNAME+2]; /* Name of that semaphore */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:28417:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aErr[80];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:28605:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pInode->fileId, &fileId, sizeof(fileId));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30469:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], amt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30473:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30588:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldCntr[4];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30604:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, amt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30608:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30791:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zDirname[MAX_PATHNAME+1];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:32836:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zDb[MAX_PATHNAME+1]; /* Database file path */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:32866:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zDb, zPath, nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:32944:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTmpname[MAX_PATHNAME+2];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33126:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
useProxy = atoi(envforce)>0;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33328:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zDel, zIn, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33443:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, &t, sizeof(t));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33444:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[sizeof(t)], &randomnessPid, sizeof(randomnessPid));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33792:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33970:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tPath[MAXPATHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33971:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33975:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[64] = "";
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34064:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tBuf[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readBuf[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockPath[MAXPATHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34171:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lockPath, &readBuf[PROXY_PATHINDEX], pathLen);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34217:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char writeBuffer[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34221:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&writeBuffer[PROXY_HEADERLEN], myHostID, PROXY_HOSTIDLEN);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34368:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conchPath, dbPath, len+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34384:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&conchPath[i+1], "-conch", 7);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34444:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dbPath, (char *)pFile->lockingContext, len + 1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34463:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbPath[MAXPATHLEN+1]; /* Name of the database file */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:35944:41: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
{ "MultiByteToWideChar", (SYSCALL)MultiByteToWideChar, 0 },
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:36362:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zDbgBuf[SQLITE_WIN32_DBG_BUF_SIZE];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:36369:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zDbgBuf, zBuf, nMin);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:36385:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zDbgBuf, zBuf, nMin);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:36974:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zMsg[500]; /* Human readable error text */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:37618:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], amt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:37624:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, &((u8 *)(pFile->pMapRegion))[offset], nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:37696:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, amt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:37702:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((u8 *)(pFile->pMapRegion))[offset], pBuf, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40476:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &x, sizeof(x));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40481:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &pid, sizeof(pid));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40487:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &cnt, sizeof(cnt));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40493:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &cnt, sizeof(cnt));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40500:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &i, sizeof(i));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40508:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &id, sizeof(UUID));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40515:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &id, sizeof(UUID));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40948:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aiValues, p->u.aHash, sizeof(p->u.aHash));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:40988:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aiValues, p->u.aHash, sizeof(p->u.aHash));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:44422:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbFileVers[16]; /* Changes whenever database file changes */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:44730:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zRet[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:44811:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ac[4];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:44830:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ac[4];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:45000:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aMagic[8]; /* A buffer to hold the magic header */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:45091:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char zeroHdr[28] = {0};
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:45179:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:45256:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aMagic[8]; /* A buffer to hold the magic header */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:46105:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pData, (u8*)aData, pPager->pageSize);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:47902:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:48423:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPager->zFilename, zPathname, nPathname);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:48424:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( nUri ) memcpy(&pPager->zFilename[nPathname+1], zUri, nUri);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:48425:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPager->zJournal, zPathname, nPathname);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:48426:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPager->zJournal[nPathname], "-journal\000", 8+2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:48430:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPager->zWal, zPathname, nPathname);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:48431:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPager->zWal[nPathname], "-wal\000", 4+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:48925:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbFileVers[sizeof(pPager->dbFileVers)];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:49824:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const void *pCopy = (const void *)&((const char *)zBuf)[24];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:51801:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)&aHdr[1], (const void*)&pWal->hdr, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:51803:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)&aHdr[0], (const void*)&pWal->hdr, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:51832:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aFrame[8], pWal->hdr.aSalt, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:51913:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zName[15];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:52281:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr.aSalt, &aBuf[16], 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:52586:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aLeft, aTmp, sizeof(aTmp[0])*iOut);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:52813:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr.aSalt[1], &salt1, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:53166:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr, &h1, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:53580:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr, pSnapshot, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:53832:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:54140:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aWalHdr[16], pWal->hdr.aSalt, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:54519:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet, &pWal->hdr, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:56326:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aSpace[200]; /* Temp space for pIdxKey - to avoid a malloc */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:56951:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp[x], &data[x], (cbrk+size) - x);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:56954:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[cbrk], &src[pc], size);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:57017:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aData[iAddr], &aData[pc], 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:57711:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zDbHeader[100]; /* Database header content */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:57773:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zFullPathname, zFilename, nFilename);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:58616:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, zMagicHeader, sizeof(zMagicHeader));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:59973:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPayload, pBuf, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:59976:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, pPayload, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:60173:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aSave, aWrite, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:60176:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aWrite, aSave, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61194:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61218:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61224:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPrevTrunk->aData[0], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61247:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNewTrunk->aData[0], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61249:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNewTrunk->aData[8], &pTrunk->aData[12], (k-1)*4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61314:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aData[8+closest*4], &aData[4+k*4], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61795:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPayload, pSrc, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61905:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTemp, pCell, sz);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:61940:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[idx], pCell, sz);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62037:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTmp[i], &aData[i], usableSize - i);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62049:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pData, pCell, szCell[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62212:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTmp, aData, pPg->pBt->usableSize);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62486:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aTo[iData], &aFrom[iData], pBt->usableSize-iData);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62487:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aTo[iToHdr], &aFrom[iFromHdr], pFrom->cellOffset + 2*pFrom->nCell);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62681:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aOvflSpace[iOff], apDiv[i], szNew[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62797:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTemp, apDiv[i], sz);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:62806:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b.apCell[b.nCell], &pOld->aData[8], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:63045:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&apNew[nNew-1]->aData[8], &pOld->aData[8], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:63119:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNew->aData[8], pCell, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:63347:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pChild->aiOvfl, pRoot->aiOvfl,
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:63349:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pChild->apOvfl, pRoot->apOvfl,
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:63608:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newCell, oldCell, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:64894:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zErr[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:65581:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zOut, zIn, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:66219:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMem->zMalloc, pMem->z, pMem->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:66416:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMem, &t, sizeof(t));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:66861:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, MEMCELLSIZE);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:66882:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, MEMCELLSIZE);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:66906:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, sizeof(Mem));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:66981:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMem->z, z, nAlloc);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:68086:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( p4copy ) memcpy(p4copy, zP4, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:69206:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zPtr[50];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:69207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zCom[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:69509:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char z[1000];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:70604:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen("vdbe_profile.out", "a");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:70623:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zHdr[100];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:71058:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( len>0 ) memcpy(buf, pMem->z, len);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:71115:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pMem->u.r, &x, sizeof(x));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:72521:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew, pOrig, MEMCELLSIZE);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:74021:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[100]; /* Initial working space */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:74598:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[200];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:75634:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOut->z, pIn2->z, pIn2->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:75636:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pOut->z[pIn2->n], pIn1->z, pIn1->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:76799:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pDest->z, zData, len);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:77093:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->zName, zName, nName+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:78145:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aTempRec[ROUND8(sizeof(UnpackedRecord)) + sizeof(Mem)*4 + 7];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:82093:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->aAlloc, &p->aBuffer[iBuf], nAvail);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:82109:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->aAlloc[nByte - nRem], aNext, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:82517:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeyInfo, pCsr->pKeyInfo, szKeyInfo);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:83016:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->aBuffer[p->iBufEnd], &pData[nData-nRem], nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:83393:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SRVAL(pNew), pVal->z, pVal->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:84226:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOut->z, pKey, nKey);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:84389:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, &p->zBuf[iOfst], iAmt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:84412:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->zBuf[iOfst], zBuf, iAmt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:84642:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zOut, &pChunk->zChunk[iChunkOffset], nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:84694:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->endpoint.pChunk->zChunk[iChunkOffset], zWrite, iSpace);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:85063:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pExpr, pDup, sizeof(*pExpr));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:86943:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( pToken->n ) memcpy(pNew->u.zToken, pToken->z, pToken->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:87360:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zAlloc, p, nNewSize);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:87363:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zAlloc, p, nSize);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:87377:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zToken, p->u.zToken, nToken);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:91520:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->aCol, pTab->aCol, sizeof(Column)*pNew->nCol);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:91865:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->u.aRowid, pData, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:91892:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo->anEq, pFrom->anEq, sizeof(tRowcnt)*p->nCol);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:91893:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo->anLt, pFrom->anLt, sizeof(tRowcnt)*p->nCol);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:91894:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo->anDLt, pFrom->anDLt, sizeof(tRowcnt)*p->nCol);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:93318:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSample->p, sqlite3_column_blob(pStmt, 4), pSample->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:93514:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zFile = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:93515:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zName = (const char *)sqlite3_value_text(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:93550:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNew, db->aDb, sizeof(db->aDb[0])*2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:93624:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zKey = (char *)sqlite3_value_blob(argv[2]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:93702:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zName = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:93706:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zErr[128];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:94549:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char saveBuf[SAVE_SZ];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:94560:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveBuf, &pParse->nVar, SAVE_SZ);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:94565:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pParse->nVar, saveBuf, SAVE_SZ);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:94789:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(db->aDbStatic, db->aDb, 2*sizeof(db->aDb[0]));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:95877:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zStmt[k], zType, len);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:95897:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zExtra, pIdx->azColl, sizeof(char*)*pIdx->nColumn);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:95900:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zExtra, pIdx->aiColumn, sizeof(i16)*pIdx->nColumn);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:95903:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zExtra, pIdx->aSortOrder, pIdx->nColumn);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:96686:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTab[24];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:96937:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, pTo->z, pTo->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:96965:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, pToCol->a[i].zName, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:97374:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIndex->zName, zName, nName+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:97447:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zExtra, zColl, nColl);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:97709:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a[1], aVal, nCopy*sizeof(LogEst));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:98751:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pColl, pColl2, sizeof(CollSeq));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:98861:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pColl[0].zName, zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:99100:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBest->zName, zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101049:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[50];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101293:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zOut[j], zRep, nRep);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101299:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zOut[j], &zStr[i], nStr-i);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101407:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zResult[8];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101456:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zFile = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101462:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zProc = (const char *)sqlite3_value_text(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:101759:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aWc, pDef->pUserData, 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:103169:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)pStep->zTarget, zFrom, nFrom);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:105599:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*pzErrMsg, sqlite3_errmsg(db), nErrMsg);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:105749:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(const char*,sqlite3**);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:106007:53: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define sqlite3_open sqlite3_api->open
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:106679:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zAltEntry, "sqlite3_", 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:106688:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zAltEntry+iEntry, "_init", 6);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:106723:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aHandle, db->aExtension, sizeof(handle)*db->nExtension);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:107719:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *aFcntl[4]; /* Argument to SQLITE_FCNTL_PRAGMA */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:109354:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zKey[40];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:109534:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *azArg[4];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:115994:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, argv[i], n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:116479:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, pName->z, pName->n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:118449:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCopy, zName, nName+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:119456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->zName, pDef->zName, sqlite3Strlen30(pDef->zName)+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:119516:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTab->zName, pMod->zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:120272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100]; /* Initial space for EQP output string */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:121542:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOrTab->a, pTabItem, sizeof(*pTabItem));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:121947:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pWC->a, pOld, sizeof(pWC->a[0])*pWC->nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:122073:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wc[3]; /* Wildcard characters */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:123323:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aiCur, pWInfo->aiCurOnePass, sizeof(int)*2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:123339:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pDest->a, pSrc->a, pDest->n*sizeof(pDest->a[0]));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:124863:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zType[4];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:124864:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zType, "...", 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:124974:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(paNew, p->aLTerm, sizeof(p->aLTerm[0])*p->nLSlot);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:124990:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, WHERE_LOOP_XFER_SZ);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:124991:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo->aLTerm, pFrom->aLTerm, pTo->nLTerm*sizeof(pTo->aLTerm[0]));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:126660:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zName[65];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:126938:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo->aLoop, pFrom->aLoop, sizeof(WhereLoop*)*iLoop);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:131686:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char zText[553] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:131719:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aHash[127] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:131731:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aNext[124] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:131743:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aLen[124] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:131767:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aCode[124] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:133067:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&y, &x, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:134150:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zBuf[50];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:135454:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zFile, zUri, nUri);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:135791:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zKey[40];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:137010:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew, aArg, nArg*sizeof(void *));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139066:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, zCol, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139362:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->aIndex, aIndex, sizeof(struct Fts3Index) * nIndex);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139372:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCsr, argv[2], nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139375:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCsr, argv[1], nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139382:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
z = (char *)sqlite3Fts3NextToken(aCol[iCol], &n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139383:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCsr, z, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139388:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
assert( zCsr <= &((char *)p)[nByte] );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139823:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuffer[nPrefix], zCsr, nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139975:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, *ppPoslist, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:140013:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, *ppPoslist, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:140338:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *aaOutput[16]; /* Malloc'd output buffers */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:140730:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTS->aaOutput[0], aDoclist, nDoclist);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:141527:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pRet, sqlite3_value_blob(pVal), sizeof(Fts3Cursor *));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:141648:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zArg = (const char *)sqlite3_value_text(apVal[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:142547:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aDoclist, a[p->nToken-1].pList, nByte+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:144022:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)p->pFts3Tab->zDb, zDb, nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:144023:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)p->pFts3Tab->zName, zFts3, nFts3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:144680:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet->pPhrase->aToken[0].z, zToken, nToken);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:144795:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zTemp[nTemp], zByte, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:144823:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, zTemp, nTemp);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:145596:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pp, sqlite3_column_blob(pStmt, 0), sizeof(*pp));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:145695:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)sqlite3_value_text(argv[0]), &pModule);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:145712:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zExpr = (const char *)sqlite3_value_text(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:145721:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
azCol[ii] = (char *)sqlite3_value_text(argv[ii+2]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:146145:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)new_elem->pKey, pKey, nKey);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:146505:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zReverse[28];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147092:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *azArg[64];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147109:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zName = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147111:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zInput = (const char *)sqlite3_value_text(argv[argc-1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147127:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
azArg[i-1] = (const char *)sqlite3_value_text(argv[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147210:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pp, sqlite3_column_blob(pStmt, 0), sizeof(*pp));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147374:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delim[128]; /* flag ASCII delimiters */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147707:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSpace, argv[i], n+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147921:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zByte = (const char *)sqlite3_value_text(apVal[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147927:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pCsr->zInput, zByte, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:148956:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zText = (const char *)sqlite3_value_text(apVal[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:149366:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aCopy, pList->aData, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:149425:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pReader->zTerm[nPrefix], pNext, nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:149657:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pReader->aNode, zRoot, nRoot);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:149780:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pReader->ppNextElem, aElem, nElem*sizeof(Fts3HashElem *));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:150071:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTree->aData[nData], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:150085:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTree->zTerm, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:150335:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWriter->aData[nData], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:150338:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWriter->aData[nData], aDoclist, nDoclist);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:150357:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pWriter->zTerm, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:150665:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMsr->aBuffer, pList, nList);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:151009:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pCsr->aBuffer[nDoclist], pList, nList);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:151761:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->term.a[nPrefix], &p->aNode[p->iOff], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:151865:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pBlk->a[pBlk->n], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:151868:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->key.a, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:151941:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPrev->a, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:151948:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNode->a[pNode->n], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:151953:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNode->a[pNode->n], aDoclist, nDoclist);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:152284:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->block.a, aRoot, nRoot);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:152296:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->key.a, reader.term.a, reader.term.n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:152306:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->block.a, aBlock, nBlock);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:152770:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pHint->a, aHint, nHint);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153332:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->nNodeSize = atoi(&zVal[9]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153335:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->nMaxPendingData = atoi(&zVal[11]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153338:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->bNoIncrDoclist = atoi(&zVal[21]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153460:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet, &p->pList->aData[nSkip], *pnData);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153853:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet->zMatchinfo, zMatchinfo, nStr+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153894:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( p->bGlobal ) memcpy(aOut, &p->aMatchinfo[1], p->nElem*sizeof(u32));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153904:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->aMatchinfo[2+p->nElem], &p->aMatchinfo[1], p->nElem*sizeof(u32));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:154328:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pStr->z[pStr->n], zAppend, nAppend);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:155358:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aBuffer[64];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:156730:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->zData, zBlob, pRtree->iNodeSize);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:157108:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c.u,a,4); \
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:157116:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c.u,a,4); \
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:157678:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBlob, sqlite3_value_blob(pValue), nBlob);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:157860:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zIdxStr[RTREE_MAX_DIMENSIONS*8+1];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158002:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cell, p, sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158184:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aSpare, aLeft, sizeof(int)*nLeft);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158253:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aSpare, aLeft, sizeof(int)*nLeft);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158344:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&left, &aCell[aaSorted[ii][0]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158345:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&right, &aCell[aaSorted[ii][nCell-1]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158374:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBboxLeft, &aCell[aaSorted[iBestDim][0]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158375:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBboxRight, &aCell[aaSorted[iBestDim][iBestSplit]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158442:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aCell[nCell], pCell, sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:158734:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aCell[ii], pCell, sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159212:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *azSql[N_STATEMENT] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159401:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRtree->zDb, argv[1], nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159402:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRtree->zName, argv[2], nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zCell[512];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159907:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[128];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:160035:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zLocale = (const char *)sqlite3_value_text(apArg[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:160123:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zLocale = (const char *)sqlite3_value_text(apArg[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:160124:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zName = (const char *)sqlite3_value_text(apArg[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:160276:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zLocale, argv[0], n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:161242:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zStateDb[5]; /* Db name for state ("stat" or "main") */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:161435:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zOut, &zSrc[ofst], cnt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:161450:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zOut, zDelta, cnt);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:161922:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zRet, zStr, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:162075:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIter->abIndexed, pIter->abTblPk, sizeof(u8)*pIter->nTblCol);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163026:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pUp->zMask, zMask, pIter->nTblCol);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163079:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zStateDb, "stat", 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163081:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zStateDb, "main", 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163329:11: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
nChar = MultiByteToWideChar(CP_UTF8, 0, zFilename, -1, NULL, 0);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163338:11: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
nChar = MultiByteToWideChar(CP_UTF8, 0, zFilename, -1, zWideFilename,
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163934:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zRnd[64];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163983:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zTarget, zTarget, nTarget+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163985:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zRbu, zRbu, nRbu+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163988:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zState, zState, nState+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:164723:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCopy, zName, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:164967:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNew->base, &vfs_template, sizeof(sqlite3_vfs));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:164972:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zSpace, zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:165813:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zSpace[100]; /* Initial static space */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:165925:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zNew, p->zBuf, (size_t)p->nUsed);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:165944:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zBuf+p->nUsed, zIn, N);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:167694:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zJson, z, (size_t)n+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:167716:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zRoot, zRoot, (size_t)n+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pBuf->p[pBuf->n], pData, nData);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171315:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zRet, pIn, nIn);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171410:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pEntry->pTerm, pTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171749:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSpace, p2, p-p2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171871:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zOut, zIn, nIn+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:172213:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( zRank ) memcpy(zRank, pRank, p-pRank);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:172233:27: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( zRankArgs ) memcpy(zRankArgs, pArgs, p-pArgs);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:172726:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNew, aIter, sizeof(Fts5PoslistReader) * nIter);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:173869:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSyn->zTerm, pToken, nToken);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:174228:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->apChild[p->nChild], pSub->apChild, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:175012:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zKey[8]; /* Nul-terminated entry key */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:175215:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->zKey[1], pToken, nToken);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:176485:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(pBuf)->p[(pBuf)->n], pBlob, nBlob); \
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:176583:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOut->aSeg, &pLvl->aSeg[is], sizeof(Fts5StructureSegment));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:180375:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pData->p, doclist.p, doclist.n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:180610:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf.p[1], pToken, nToken);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:181541:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, aBlob, n);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184194:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pAux->zFunc, zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184232:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->zName, zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184348:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184352:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, (void*)&pGlobal, sizeof(pGlobal));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:185632:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char aAsciiTokenChar[128] = {
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:185645:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aTokenChar[128];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:185688:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->aTokenChar, aAsciiTokenChar, sizeof(aAsciiTokenChar));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:185736:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aFold[64];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:185841:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aTokenChar[128]; /* ASCII range token characters */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:185952:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->aTokenChar, aAsciiTokenChar, sizeof(aAsciiTokenChar));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186060:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aFold, p->aFold, nFold);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aBuf[FTS5_PORTER_MAX_TOKEN + 64];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186201:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nStem], p->zOutput, p->nOutput);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186440:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-2], "ate", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186448:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-2], "ble", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186456:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-2], "ize", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186475:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-7], "ate", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186480:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-6], "tion", 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186489:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-4], "ence", 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186494:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-4], "ance", 4);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186503:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-4], "ize", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186512:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-4], "log", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186521:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-3], "ble", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186526:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-4], "al", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186531:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "ent", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186536:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-3], "e", 1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186541:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "ous", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186550:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-7], "ize", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186555:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "ate", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186560:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-4], "ate", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186569:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "al", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186574:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-7], "ive", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186579:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-7], "ful", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186584:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-7], "ous", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186593:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "al", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186598:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "ive", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186603:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-6], "ble", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186622:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-4], "ic", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186639:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "ic", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186644:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "ic", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186669:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-5], "al", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186688:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aBuf[nBuf-3], "ee", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186751:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuf, pToken, nBuf);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:187756:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet->zFts5Tbl, zTab, nTab);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:187757:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet->zFts5Db, zDb, nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:188089:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pCsr->zLeTerm, zCopy, pCsr->nLeTerm+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec:36:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec:45:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command, "PRAGMA cipher_use_hmac = OFF;");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/EDASQLiteCipher.ec:51:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(command, "CREATE TABLE eda_table_fields(Table_Name TEXT, Name TEXT, Type TEXT, Length INT);");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13393:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sqlcipher_codec_ctx_set_kdf_iter(ctx, atoi(zRight), 2); // change of RW PBKDF2 iteration
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13404:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sqlcipher_codec_ctx_set_fast_kdf_iter(ctx, atoi(zRight), 2); // change of RW PBKDF2 iteration
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13413:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if(ctx) sqlcipher_codec_ctx_set_kdf_iter(ctx, atoi(zRight), 1); // write iterations only
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13418:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int size = atoi(zRight);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13529:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(pgno == 1) memcpy(buffer, SQLITE_FILE_HEADER, FILE_HEADER_SZ); /* copy file header to the first 16 bytes of the page */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13532:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pData, buffer, page_sz); /* copy buffer data back to pData and return */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13536:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(pgno == 1) memcpy(buffer, kdf_salt, FILE_HEADER_SZ); /* copy salt to output buffer */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:13542:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(pgno == 1) memcpy(buffer, kdf_salt, FILE_HEADER_SZ); /* copy salt to output buffer */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14024:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target, source, sizeof(cipher_ctx));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14027:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target->key, source->key, EVP_MAX_KEY_LENGTH);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14030:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target->hmac_key, source->hmac_key, EVP_MAX_KEY_LENGTH);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14034:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target->pass, source->pass, source->pass_sz);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14053:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->pass, zKey, nKey);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14320:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pgno_raw[sizeof(pgno)];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14334:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pgno_raw, &pgno, sizeof(pgno));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14388:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iv_out, iv_in, c_ctx->iv_sz); /* copy the iv from the input to output buffer */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14483:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->hmac_kdf_salt, ctx->kdf_salt, ctx->kdf_salt_sz);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:14819:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SQLITE_PRIVATE const unsigned char sqlite3CtypeMap[256] = {
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:15658:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[100]; /* Initial space */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:16653:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *z, zBuf[30];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:16919:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:16939:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:16958:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:16995:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:17181:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[20];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:18129:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTitle[100]; /* The title text */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:18299:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBt, &aAddr[1], pHdr->nBacktrace*sizeof(void*));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:18308:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, mem.zTitle, mem.nTitle);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:18375:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew, pPrior, nByte<pOldHdr->iSize ? nByte : pOldHdr->iSize);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:18481:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem.zTitle, zTitle, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:18505:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(zFilename, "w");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:19093:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pPrior, nOld);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:19095:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pPrior, nBytes);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:19151:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(zFilename, "w");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:19653:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pPrior, nOld);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:19775:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(zFilename, "w");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:19874:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, offsetof(sqlite3_mutex_methods, xMutexAlloc));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:19875:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTo->xMutexFree, &pFrom->xMutexFree,
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:21559:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew, p, db->lookaside.sz);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:21608:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zNew, z, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:21620:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zNew, z, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:21869:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[etBUFSIZE]; /* Conversion buffer */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22400:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( zOld==0 && p->nChar>0 ) memcpy(zNew, p->zText, p->nChar);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22410:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->zText[p->nChar], z, N);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22429:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zText, p->zBase, p->nChar+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22472:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[SQLITE_PRINT_BUF_SIZE];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22523:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[SQLITE_PRINT_BUF_SIZE];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22592:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zMsg[SQLITE_PRINT_BUF_SIZE*3]; /* Complete log message */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22622:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[500];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22673:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char s[256]; /* State variables */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22721:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char k[256];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22775:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:22782:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:23010:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:23119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:23303:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zBuf[20];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:25239:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aPadding[32];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:25508:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(zFile, flags, mode);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:26056:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->zCanonicalName, zAbsoluteName, n+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:26234:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aSemName[MAX_PATHNAME+2]; /* Name of that semaphore */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:26274:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aErr[80];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:26455:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pInode->fileId, &fileId, sizeof(fileId));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:28374:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldCntr[4];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:28555:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zDirname[MAX_PATHNAME+1];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30269:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zDb[MAX_PATHNAME+1]; /* Database file path */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30296:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zDb, zPath, nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30374:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTmpname[MAX_PATHNAME+2];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30536:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
useProxy = atoi(envforce)>0;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30797:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, &t, sizeof(t));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30799:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[sizeof(t)], &pid, sizeof(pid));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31140:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31317:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tPath[MAXPATHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31318:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31322:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[64] = "";
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31411:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tBuf[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readBuf[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockPath[MAXPATHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31517:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lockPath, &readBuf[PROXY_PATHINDEX], pathLen);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31563:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char writeBuffer[PROXY_MAXCONCHLEN];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31567:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&writeBuffer[PROXY_HEADERLEN], myHostID, PROXY_HOSTIDLEN);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31713:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conchPath, dbPath, len+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31729:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&conchPath[i+1], "-conch", 7);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31788:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dbPath, (char *)pFile->lockingContext, len + 1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31807:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbPath[MAXPATHLEN+1]; /* Name of the database file */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:33121:41: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
{ "MultiByteToWideChar", (SYSCALL)MultiByteToWideChar, 0 },
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:33409:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zDbgBuf[SQLITE_WIN32_DBG_BUF_SIZE];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:33416:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zDbgBuf, zBuf, nMin);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:33432:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zDbgBuf, zBuf, nMin);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:33967:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zMsg[500]; /* Human readable error text */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:35920:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTempPath[MAX_PATH+2];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:35949:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zMbcsPath[MAX_PATH];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36045:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTmpname[MAX_PATH+2]; /* Buffer used to create temp filename */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36525:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zOut[MAX_PATH+1];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36723:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &x, sizeof(x));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36728:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &pid, sizeof(pid));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36734:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &cnt, sizeof(cnt));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36740:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &cnt, sizeof(cnt));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36747:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[n], &i, sizeof(i));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:37143:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aiValues, p->u.aHash, sizeof(p->u.aHash));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:37183:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aiValues, p->u.aHash, sizeof(p->u.aHash));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:40288:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbFileVers[16]; /* Changes whenever database file changes */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:40582:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zRet[1024];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:40660:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ac[4];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:40679:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ac[4];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:40849:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aMagic[8]; /* A buffer to hold the magic header */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:40939:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char zeroHdr[28] = {0};
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:41027:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:41104:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aMagic[8]; /* A buffer to hold the magic header */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:41919:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pData, (u8*)aData, pPager->pageSize);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:43573:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zHeader, aJournalMagic, sizeof(aJournalMagic));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:44096:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPager->zFilename, zPathname, nPathname);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:44097:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( nUri ) memcpy(&pPager->zFilename[nPathname+1], zUri, nUri);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:44098:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPager->zJournal, zPathname, nPathname);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:44099:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPager->zJournal[nPathname], "-journal\000", 8+2);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:44103:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPager->zWal, zPathname, nPathname);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:44104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPager->zWal[nPathname], "-wal\000", 4+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:44552:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbFileVers[sizeof(pPager->dbFileVers)];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:47266:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&aHdr[1], (void *)&pWal->hdr, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:47268:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&aHdr[0], (void *)&pWal->hdr, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:47296:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aFrame[8], pWal->hdr.aSalt, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:47374:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zName[15];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:47742:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr.aSalt, &aBuf[16], 8);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:48041:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aLeft, aTmp, sizeof(aTmp[0])*iOut);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:48550:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr, &h1, sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:49116:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:49378:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aWalHdr[16], pWal->hdr.aSalt, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:50648:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aSpace[150]; /* Temp space for pIdxKey - to avoid a malloc */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:51082:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp[cbrk], &data[cbrk], usableSize - cbrk);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:51115:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[cbrk], &temp[pc], size);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:51195:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[addr], &data[pc], 2);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:51316:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[hdr+1], &data[pbegin], 2);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:51704:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zDbHeader[100]; /* Database header content */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:51764:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zFullPathname, zFilename, sqlite3Strlen30(zFilename)+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:52501:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, zMagicHeader, sizeof(zMagicHeader));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:53838:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPayload, pBuf, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:53841:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, pPayload, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:54010:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aSave, aWrite, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:54013:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aWrite, aSave, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:54945:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:54967:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:54973:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pPrevTrunk->aData[0], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:54996:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNewTrunk->aData[0], &pTrunk->aData[0], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:54998:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNewTrunk->aData[8], &pTrunk->aData[12], (k-1)*4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:55051:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aData[8+closest*4], &aData[4+k*4], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:55475:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPayload, pSrc, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:55593:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTemp+nSkip, pCell+nSkip, sz-nSkip);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:55622:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[idx+nSkip], pCell+nSkip, sz-nSkip);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:55680:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[cellbody], apCell[i], sz);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:55885:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aTo[iData], &aFrom[iData], pBt->usableSize-iData);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:55886:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aTo[iToHdr], &aFrom[iFromHdr], pFrom->cellOffset + 2*pFrom->nCell);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56080:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aOvflSpace[iOff], apDiv[i], szNew[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56136:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOld, apOld[i], sizeof(MemPage));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56138:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOld->aData, apOld[i]->aData, pBt->pageSize);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56168:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTemp, apDiv[i], sz);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56177:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apCell[nCell], &pOld->aData[8], 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56386:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNew->aData[8], pCell, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56433:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&apNew[nNew-1]->aData[8], zChild, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56639:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pChild->aiOvfl, pRoot->aiOvfl,
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56641:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pChild->apOvfl, pRoot->apOvfl,
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:56885:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newCell, oldCell, 4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:57775:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zContext[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:57996:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zErr[100];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:58627:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zOut, zIn, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:59167:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMem->zMalloc, pMem->z, pMem->n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:59331:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMem, &ctx.s, sizeof(ctx.s));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:59695:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, MEMCELLSIZE);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:59713:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, MEMCELLSIZE);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:59738:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTo, pFrom, sizeof(Mem));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:59810:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMem->z, z, nAlloc);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:60978:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)pKeyInfo, zP4, nByte - nField);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:60982:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeyInfo->aSortOrder, aSortOrder, nField);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:61103:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zTemp[i],",...",4);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:61110:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zTemp[i], zColl, n+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:61273:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zPtr[50];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:61575:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char z[1000];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:61783:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->azVar, pParse->azVar, p->nzVar*sizeof(p->azVar[0]));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:62629:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen("vdbe_profile.out", "a");
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:62981:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, pMem->z, len);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:63067:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pMem->r, &x, sizeof(x));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:64883:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBase[100]; /* Initial working space */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:65516:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[200];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:65937:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aTempRec[ROUND8(sizeof(UnpackedRecord)) + sizeof(Mem)*3 + 7];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:66831:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOut->z, pIn2->z, pIn2->n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:66833:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pOut->z[pIn2->n], pIn1->z, pIn1->n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:68349:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u.as.pNew->zName, u.as.zName, u.as.nName+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:69298:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aTempRec[ROUND8(sizeof(UnpackedRecord)) + sizeof(Mem)*3 + 7];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:72707:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->aAlloc, &p->aBuffer[iBuf], nAvail);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:72723:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->aAlloc[nByte - nRem], aNext, nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:73124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->aBuffer[p->iBufEnd], &pData[nData-nRem], nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:73250:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->pVal, pVal->z, pVal->n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:73485:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOut->z, pKey, nKey);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:73610:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, &p->zBuf[iOfst], iAmt);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:73633:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->zBuf[iOfst], zBuf, iAmt);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:73868:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zOut, &pChunk->zChunk[iChunkOffset], nCopy);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:73920:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->endpoint.pChunk->zChunk[iChunkOffset], zWrite, iSpace);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:74297:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pExpr, pDup, sizeof(*pExpr));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:75884:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( pToken->n ) memcpy(pNew->u.zToken, pToken->z, pToken->n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:76284:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zAlloc, p, nNewSize);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:76287:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zAlloc, p, nSize);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:76299:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zToken, p->u.zToken, nToken);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:77450:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, in, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:80439:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->aCol, pTab->aCol, sizeof(Column)*pNew->nCol);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:81504:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSample->u.z, z, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:81672:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zFile = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:81673:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zName = (const char *)sqlite3_value_text(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:81708:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNew, db->aDb, sizeof(db->aDb[0])*2);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:81776:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zKey = (char *)sqlite3_value_blob(argv[2]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:81845:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zName = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:81849:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zErr[128];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:82638:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char saveBuf[SAVE_SZ];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:82649:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saveBuf, &pParse->nVar, SAVE_SZ);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:82654:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pParse->nVar, saveBuf, SAVE_SZ);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:82849:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(db->aDbStatic, db->aDb, 2*sizeof(db->aDb[0]));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:83872:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zStmt[k], zType, len);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:84446:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTab[24];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:84696:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, pTo->z, pTo->n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:84724:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, pToCol->a[i].zName, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:85130:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIndex->zName, zName, nName+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:85180:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zExtra, zColl, nColl);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:86331:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pColl, pColl2, sizeof(CollSeq));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:86441:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pColl[0].zName, zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:86681:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBest->zName, zName, nName);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:88305:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[50];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:88495:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zOut[j], zRep, nRep);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:88501:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zOut[j], &zStr[i], nStr-i);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:88609:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zResult[8];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:88658:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zFile = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:88664:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zProc = (const char *)sqlite3_value_text(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:88962:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aWc, pDef->pUserData, 3);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:90180:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)pStep->target.z, zFrom, nFrom);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:92336:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*pzErrMsg, sqlite3_errmsg(db), nErrMsg);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:92485:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(const char*,sqlite3**);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:92700:53: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define sqlite3_open sqlite3_api->open
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:93268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aHandle, db->aExtension, sizeof(handle)*db->nExtension);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:93613:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pI64, &value, sizeof(value));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:93775:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *aFcntl[4]; /* Argument to SQLITE_FCNTL_PRAGMA */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:95073:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zKey[40];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:95264:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *azArg[4];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:100790:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, argv[i], n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:101273:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(z, pName->z, pName->n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:103107:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCopy, zName, nName+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:104069:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew->zName, pDef->zName, sqlite3Strlen30(pDef->zName)+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:104553:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pWC->a, pOld, sizeof(pWC->a[0])*pWC->nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:104875:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wc[3]; /* Wildcard characters */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:108679:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pOrTab->a, pTabItem, sizeof(*pTabItem));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:108885:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SQLITE_API char sqlite3_query_plan[BMS*2*40]; /* Text of the join */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:109507:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sqlite3_query_plan[nQPlan], "{}", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:109510:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sqlite3_query_plan[nQPlan], z, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:109518:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sqlite3_query_plan[nQPlan], "* ", 2);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:109523:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sqlite3_query_plan[nQPlan], pLevel->plan.u.pIdx->zName, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:109528:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sqlite3_query_plan[nQPlan], "{} ", 3);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:113245:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char zText[540] = {
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:113277:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aHash[127] = {
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:113289:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aNext[121] = {
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:113301:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aLen[121] = {
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:113325:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char aCode[121] = {
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:114574:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&y, &x, 8);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:116524:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zFile, zUri, nUri);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:117793:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNew, aArg, nArg*sizeof(void *));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119727:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, zCol, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120004:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->aIndex, aIndex, sizeof(struct Fts3Index) * nIndex);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120013:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCsr, argv[2], nName);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120016:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCsr, argv[1], nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120023:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
z = (char *)sqlite3Fts3NextToken(aCol[iCol], &n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120024:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zCsr, z, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120029:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
assert( zCsr <= &((char *)p)[nByte] );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120374:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuffer[nPrefix], zCsr, nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120526:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, *ppPoslist, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120564:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, *ppPoslist, n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:120889:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *aaOutput[16]; /* Malloc'd output buffers */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:121254:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTS->aaOutput[0], aDoclist, nDoclist);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:121674:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zQuery = (const char *)sqlite3_value_text(apVal[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:121954:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pRet, sqlite3_value_blob(pVal), sizeof(Fts3Cursor *));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:122073:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zArg = (const char *)sqlite3_value_text(apVal[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:124157:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)p->pFts3Tab->zDb, zDb, nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:124158:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)p->pFts3Tab->zName, zFts3, nFts3);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:124737:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet->pPhrase->aToken[0].z, zToken, nToken);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:124851:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zTemp[nTemp], zByte, nByte);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:124879:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, zTemp, nTemp);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125389:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pp, sqlite3_column_blob(pStmt, 0), sizeof(*pp));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125485:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)sqlite3_value_text(argv[0]), &pModule);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125502:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zExpr = (const char *)sqlite3_value_text(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125511:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
azCol[ii] = (char *)sqlite3_value_text(argv[ii+2]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125916:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)new_elem->pKey, pKey, nKey);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126274:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zReverse[28];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126830:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *azArg[64];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126847:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zName = (const char *)sqlite3_value_text(argv[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126849:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zInput = (const char *)sqlite3_value_text(argv[argc-1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126865:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
azArg[i-1] = (const char *)sqlite3_value_text(argv[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126945:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pp, sqlite3_column_blob(pStmt, 0), sizeof(*pp));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:127105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delim[128]; /* flag ASCII delimiters */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:128214:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *zText = (const char *)sqlite3_value_text(apVal[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:128673:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pReader->zTerm[nPrefix], pNext, nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:128902:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pReader->aNode, zRoot, nRoot);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:129022:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pReader->ppNextElem, aElem, nElem*sizeof(Fts3HashElem *));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:129306:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTree->aData[nData], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:129320:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTree->zTerm, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:129567:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWriter->aData[nData], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:129570:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pWriter->aData[nData], aDoclist, nDoclist);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:129589:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pWriter->zTerm, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:129859:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pMsr->aBuffer, pList, nList);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:130203:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pCsr->aBuffer[nDoclist], pList, nList);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:130798:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->term.a[nPrefix], &p->aNode[p->iOff], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:130902:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pBlk->a[pBlk->n], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:130905:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->key.a, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:130978:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pPrev->a, zTerm, nTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:130985:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNode->a[pNode->n], &zTerm[nPrefix], nSuffix);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:130990:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pNode->a[pNode->n], aDoclist, nDoclist);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:131316:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->block.a, aRoot, nRoot);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:131328:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->key.a, reader.term.a, reader.term.n);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:131338:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->block.a, aBlock, nBlock);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:131802:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pHint->a, aHint, nHint);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:132343:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->nNodeSize = atoi(&zVal[9]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:132346:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->nMaxPendingData = atoi(&zVal[11]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:132466:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRet, &p->pList->aData[nSkip], *pnData);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:133217:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pStr->z[pStr->n], zAppend, nAppend);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:133882:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pCsr->zMatchinfo, zArg, nArg+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:134153:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aBuffer[64];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:135513:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode->zData, zBlob, pRtree->iNodeSize);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:136226:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, sqlite3_value_blob(pValue), nBlob);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:136377:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zIdxStr[RTREE_MAX_DIMENSIONS*8+1];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:136503:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cell, p, sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:136901:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aSpare, aLeft, sizeof(int)*nLeft);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:136970:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aSpare, aLeft, sizeof(int)*nLeft);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137062:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&left, &aCell[aaSorted[ii][0]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137063:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&right, &aCell[aaSorted[ii][nCell-1]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137092:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBboxLeft, &aCell[aaSorted[iBestDim][0]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137093:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBboxRight, &aCell[aaSorted[iBestDim][iBestSplit]], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137133:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBboxLeft, &aCell[iLeftSeed], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137134:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBboxRight, &aCell[iRightSeed], sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137216:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aCell[nCell], pCell, sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137507:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aCell[ii], pCell, sizeof(RtreeCell));
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:137942:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *azSql[N_STATEMENT] = {
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138123:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRtree->zDb, argv[1], nDb);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138124:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRtree->zName, argv[2], nName);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zCell[512];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138560:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zBuf[128];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138688:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zLocale = (const char *)sqlite3_value_text(apArg[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138775:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zLocale = (const char *)sqlite3_value_text(apArg[0]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138776:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zName = (const char *)sqlite3_value_text(apArg[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138923:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->zLocale, argv[0], n);
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:19:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:25:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameExt[MAX_EXTENSION];
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:99:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileExt[MAX_EXTENSION];
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:82:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:245:59: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual Table OpenTable(const String name, OpenOptions open);
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:513:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(countQuery, "SELECT COUNT(*) ");
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:640:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:56:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:215:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indexName[1024];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:220:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(indexName, "index_");
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:315:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char build[MAX_LOCATION];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:342:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:348:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
number = atoi(fileName);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:439:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apath[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:486:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(apath, "-/tables");
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:717:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(index.fieldIndexes, fieldIndexes, count * sizeof(FieldIndex));
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:724:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indexName[1024];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:727:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(indexName, "index_");
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:754:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:755:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(file, "%d", c);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:810:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:811:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char build[MAX_LOCATION];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:812:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(file, "%d", num);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1064:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1065:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(file, "%d", _num);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1623:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1624:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(file, "%d", _num);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1661:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1662:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(file, "%d", _num);
data/ecere-sdk-0.44.15/eda/libeda/src/ers.ec:621:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[4096];
data/ecere-sdk-0.44.15/eda/libeda/src/ers.ec:650:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/eda/libeda/src/ers.ec:653:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(filePath, ".csv");
data/ecere-sdk-0.44.15/eda/libeda/src/gui.ec:91:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[4096];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:964:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char queryString[4096*4];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:989:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(queryString, " WHERE ");
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:995:34: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(queryString, " OR ");
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1007:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ln, searchCI.array, len);
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1295:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1334:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1620:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[MAX_F_STRING];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1685:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * words[256];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1761:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_FILENAME];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1775:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[3];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1795:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[3];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1823:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[1024];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1824:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char asciiWord[1024];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1889:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subWord[1024];
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1892:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subWord, word + s, count-s);
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:2428:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:308:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ids + c, ids + c + 1, (count - 1 - c) * sizeof(Id));
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:369:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[256];
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:374:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(c) strcat(stringOutput, ", ");
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:386:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[256];
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:390:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Add(atoi(value));
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:819:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string + size, line.text, line.count);
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:1135:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(link.data, data, type.structSize);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:32:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[256];
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:197:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ParseDirList((char *)argv[c], optionsCompiler.includeDirs);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:204:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ParseDirList((char *)argv[c], optionsCompiler.libraryDirs);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:262:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION] = "";
data/ecere-sdk-0.44.15/extras/CSVDataParser.ec:56:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, buffer.array, len + 1);
data/ecere-sdk-0.44.15/extras/CSVParser.ec:80:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/extras/CSVParser.ec:175:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, &buffer[start], len);
data/ecere-sdk-0.44.15/extras/CSVParser.ec:225:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, &buffer[start], len);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:16:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR chNewEnv[BUFSIZE];
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:233:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ** env = output.env = new char * [this.count+1];
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:250:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
output.env = (char **)new char[len];
data/ecere-sdk-0.44.15/extras/SMTPSocket.ec:67:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/extras/XMLParser.ec:64:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyWord[1024];
data/ecere-sdk-0.44.15/extras/XMLParser.ec:92:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[MAX_TAG_LEN];
data/ecere-sdk-0.44.15/extras/base64.ec:2:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char base64inv[128] =
data/ecere-sdk-0.44.15/extras/createLink.ec:44:13: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, lpszPathLink, -1, wsz, MAX_PATH);
data/ecere-sdk-0.44.15/extras/gui/RoundedSquare.ec:97:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tl.picture, borderData, sizeof(borderData));
data/ecere-sdk-0.44.15/extras/gui/RoundedSquare.ec:98:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(itl.picture, insideData, sizeof(insideData));
data/ecere-sdk-0.44.15/extras/gui/RoundedSquare.ec:107:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.picture, borderData, sizeof(borderData));
data/ecere-sdk-0.44.15/extras/gui/RoundedSquare.ec:113:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.picture, insideData, sizeof(insideData));
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:12:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:22:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING*10];
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:31:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:72:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/extras/gui/controls/LogBox.ec:82:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING*10];
data/ecere-sdk-0.44.15/extras/gui/controls/PasswordBox.ec:20:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(contents, backup, len);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:109:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION], referer[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:137:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:154:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:520:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:528:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "http:");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:590:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:756:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char referer[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:757:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:768:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(relocation, "http://");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:794:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:817:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "http:");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:849:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:905:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:939:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(textBlock.text, text + start, len);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1007:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char referer[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1422:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1429:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(newLocation, "http:");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1513:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1521:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(newLocation, "http:");
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:115:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[3] = { input[c+1], input[c+2], 0 };
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:242:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[MAX_TAG_LEN];
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:243:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[MAX_SYMBOL_LEN];
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:316:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyWord[1024];
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:335:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.w = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:340:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.h = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:363:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.pWidth = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:365:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.width = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:371:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.pHeight = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:373:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.height = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:513:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:517:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int numTimes = atoi(keyWord+1);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:529:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int numTimes = atoi(keyWord+1);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:725:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.size = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:815:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.pWidth = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:817:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.width = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:823:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.pHeight = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:825:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.height = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:830:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.cellPadding = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:966:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.pWidth = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:968:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.width = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:974:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.pHeight = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:976:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.height = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:981:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.span = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:986:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.cellPadding = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:991:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subBlock.rowSpan = atoi(keyWord);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:1132:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8[5];
data/ecere-sdk-0.44.15/extras/include/dpl.c:26:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/include/dpl.c:50:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/include/dpl.ec:27:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * s[6];
data/ecere-sdk-0.44.15/extras/include/dpl.ec:33:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s[0], "%04d", now.year);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:34:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s[1], "%02d", now.month+1);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:35:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s[2], "%02d", now.day);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:36:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s[3], "%02d", now.hour);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:37:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s[4], "%02d", now.minute);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:38:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s[5], "%02d", now.second);
data/ecere-sdk-0.44.15/extras/include/dpl.ec:55:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/include/dpl.ec:73:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/include/dpl.ec:94:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/include/dpl.ec:116:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/md5.ec:216:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ctx.buffer[used], data, size);
data/ecere-sdk-0.44.15/extras/md5.ec:220:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ctx.buffer[used], data, available);
data/ecere-sdk-0.44.15/extras/md5.ec:232:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx.buffer, data, size);
data/ecere-sdk-0.44.15/extras/md5.ec:295:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(output + len, "%02x", bytes[c]);
data/ecere-sdk-0.44.15/extras/sha256.ec:208:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[length % 64], data, (uint32)(64 - length % 64));
data/ecere-sdk-0.44.15/extras/sha256.ec:216:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[length % 64], data, size);
data/ecere-sdk-0.44.15/extras/sha256.ec:235:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp.buffer, buffer, (uint32)(length % 64));
data/ecere-sdk-0.44.15/extras/tiles/astar.ec:32:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ASNode *open;
data/ecere-sdk-0.44.15/extras/tiles/astar.ec:132:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp1=aStar->open;
data/ecere-sdk-0.44.15/extras/tiles/astar.ec:248:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
node=aStar->open;
data/ecere-sdk-0.44.15/extras/types/CountryCode.ec:271:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[10];
data/ecere-sdk-0.44.15/extras/types/CountryCode.ec:273:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[MAX_LOCATION];
data/ecere-sdk-0.44.15/extras/types/Currency.ec:22:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[256];
data/ecere-sdk-0.44.15/extras/types/Currency.ec:28:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(number, "%.2f", this);
data/ecere-sdk-0.44.15/extras/types/Currency.ec:31:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempString, "$ ");
data/ecere-sdk-0.44.15/extras/types/Currency.ec:52:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempString + pos, number + c, numDigits);
data/ecere-sdk-0.44.15/extras/types/Currency.ec:67:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[256] = "";
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:25:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s.array, value, len);
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:51:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(this[pos]), s, len+1);
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:58:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:70:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING];
data/ecere-sdk-0.44.15/extras/windowsShortcut.ec:45:13: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, lpszPathLink, -1, wsz, MAX_PATH);
data/ecere-sdk-0.44.15/extras/windowsShortcut.ec:73:16: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
if(MultiByteToWideChar(CP_ACP, 0, lpszPathObj, -1, wsz, MAX_PATH))
data/ecere-sdk-0.44.15/extras/windowsShortcut.ec:80:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathTarget[2048] = { 0 };
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:206:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * settingsDirectoryNames[DirTypes] =
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:247:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toPart[MAX_FILENAME], toRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:248:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathPart[MAX_FILENAME], pathRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:378:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:495:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:556:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path, ".econ");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:571:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:580:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:581:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultConfigFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:804:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:823:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:842:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SafeFile sf = SafeFile::open(path, write);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:861:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if((sf = SafeFile::open(path, read)))
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:888:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:889:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:891:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SafeFile ::open(const char * path, FileOpenMode mode)
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:903:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sf.tmp, ".tmp");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1315:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1326:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1328:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if(!*p) strcpy(p, "./");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1344:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1364:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1379:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1399:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1462:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * compilerTypeNames[CompilerType] = { "GCC", "TCC", "PCC", "VS8", "VS9", "VS10" };
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1463:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * compilerTypeVersionString[CompilerType] = { "", "", "", "8.00", "9.00", "10.00" };
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1464:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * compilerTypeSolutionFileVersionString[CompilerType] = { "", "", "", "9.00", "10.00", "11.00" };
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1465:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * compilerTypeYearString[CompilerType] = { "", "", "", "2005", "2008", "2010" };
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1466:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * compilerTypeProjectFileExtension[CompilerType] = { "", "", "", "vcproj", "vcproj", "vcxproj" };
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2009:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2010:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2115:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2116:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2153:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2154:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2222:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lang[256];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:19:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, s+lenSwitchToKeep+1, len-lenSwitchToKeep-1);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:27:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, s, len);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:143:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(label, " - ");
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:149:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(label, " - ");
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:154:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(label, " (");
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:967:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathPart[MAX_FILENAME], pathRest[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:968:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toPart[MAX_FILENAME], toRest[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:988:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:993:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwdBackup[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1037:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[1024];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1361:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1503:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1583:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:246:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * paths[128];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:285:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char progFifoPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:286:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char progFifoDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:326:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vgLogPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:617:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastGdbOutput[GdbGetLineSize];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:808:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:828:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:903:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char verboseExitCode[128];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:948:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char program[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1063:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativeFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1128:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char winFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1204:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char winFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1274:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1321:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absolutePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1343:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1350:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1351:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1352:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1457:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
frame.level = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1507:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
frame.line = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1580:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bp.id = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1611:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bp.line = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1615:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bp.times = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1651:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char string[MAX_F_STRING*4];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1755:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1756:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1757:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixedModuleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1758:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[16384];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1786:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relative[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1807:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1808:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relative[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1980:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char escaped[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2100:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativeFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2127:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativeFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2231:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldDirectory[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2232:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2233:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_F_STRING*4];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2280:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2370:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command, "gdb");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2378:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -n -silent --interpreter=mi2"); //-async //\"%s\"
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2602:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char watchmsg[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2630:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[4096];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2665:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4096];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2680:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4096];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2708:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char structString[1024];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2709:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(structString, "*(struct ");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2711:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(structString, " *)");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2883:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2892:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024] = "";
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:2966:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[4196];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3007:40: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string + start, s, size);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3039:40: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(value, ") (ISO8859-1)");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3082:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charString[5];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3083:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3426:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[1025];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3534:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
frameCount = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3637:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3654:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
activeThread = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3671:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eval.bytes = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3887:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stopItem.threadid = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3894:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stopItem.bkptno = atoi(item.value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3965:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exeFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4065:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4066:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4116:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prjTargetPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4117:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prjTargetFile[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4242:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char output[4096];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4269:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dynamicBuffer[pos], output + start, c - start);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4359:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dynamicBuffer[pos], output + start, c - start);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4388:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char output[4096];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4413:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dynamicBuffer[pos], output + start, c - start);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4432:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dynamicBuffer[pos], output + start, c - start);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4457:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char output[4096];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4482:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dynamicBuffer[pos], output + start, c - start);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4500:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dynamicBuffer[pos], output + start, c - start);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4540:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char output[1000];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4812:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4847:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this.line = atoi(line);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:5018:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:5028:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int line = atoi(colon);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:352:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * outTokens[3200], * subTokens[3200];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:564:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * frameTokens[3200], * argsTokens[3200], * mTokens[3200];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:578:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sprintf(string, "%d %s", atoi(item.value), frame.string);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:140:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[350];
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:150:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[350];
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:153:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, ".0");
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:160:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expString[1024] = "";
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:190:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idString, prefix, sizeof(prefix) - 1);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:191:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(idString + sizeof(prefix) - 1, start, len + 1);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:251:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024];
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:518:40: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:647:49: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, value.instance.data, type.size);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:711:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[1024];
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:1183:100: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
case charType: exp.constant = expType.isSigned ? PrintChar(((char *)tmp)[offset]) : PrintUChar(((byte *)tmp)[offset]); break;
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:1318:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newString + 1, tmp, len);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:1618:94: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
case charType: exp.constant = expType.isSigned ? PrintChar(((char *)tmp)[offset]) : PrintUChar(((byte *)tmp)[offset]); break;
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:1796:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256] = "";
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:2471:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:265:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exeFileTruncated[16];
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:274:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int process = atoi(listing.name);
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:279:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[256];
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:285:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:297:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ppid = atoi(buffer + 6);
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:323:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:324:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[128];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:84:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
type = open, text = $"Open Project",
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:671:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char methodName[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:712:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[512];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:812:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:955:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1275:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1666:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1772:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char paramString[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1830:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1906:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char paramString[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2268:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[2048];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2323:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lineFormat[16];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2324:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lineText[256];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2331:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(lineFormat, " %%%du", maxLineNumberLength);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2411:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2527:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2631:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldWorkDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2632:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mainModuleName[MAX_FILENAME] = "";
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2635:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2815:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2903:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symFile[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2904:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:3272:70: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:3634:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:3688:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:3769:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4272:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*text + movedFuncIdPos, method.name, newLen);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4385:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4446:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024] = "";
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4892:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text + movedFuncIdPos, methodName, newLen);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5287:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char methodName[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5336:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5377:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5434:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024] = "";
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5439:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5446:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "::");
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:5474:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:6058:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:6497:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[1024];
data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec:50:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[1024] = "";
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:730:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char selectedProp[1024];
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:1269:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[1024];
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:1281:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[1024];
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:1380:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char selectedMethod[1024];
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:1383:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char selectedProp[1024];
data/ecere-sdk-0.44.15/ide/src/designer/Sheet.ec:1422:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((byte *)propObject + member.offset, (byte *)current + member.offset, member.memberOffset);
data/ecere-sdk-0.44.15/ide/src/designer/ToolBox.ec:28:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[1024];
data/ecere-sdk-0.44.15/ide/src/designer/findCtx.ec:889:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/ide/src/designer/findParams.ec:873:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subMemberStack, _subMemberStack, sizeof(DataMember) * _subMemberStackPos);
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:7:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * compilerSignatureEnvVars[CompilerType] = { "", "", "", "VS80COMNTOOLS", "VS90COMNTOOLS", "VS100COMNTOOLS" };
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:31:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compilerPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:42:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[65536];
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:80:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[256];
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:150:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compilerPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:141:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:175:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentDirectory[MAX_DIRECTORY];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:261:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:320:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:465:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:611:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAX_DIRECTORY], contentCriteria[1024], contentReplace[1024], nameCriteria[1024];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:663:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char substring[512];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:664:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char containing[512];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:726:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:734:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileRelative[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:774:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileRelative[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:861:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileRelative[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:862:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:872:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char special[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:917:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileRelative[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:918:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:926:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char special[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1011:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[65536];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1029:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[7] = " ";
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1030:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s2[5] = " ";
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1078:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[65536];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1097:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1098:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[6] = " ";
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1099:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s2[4] = " ";
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1160:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:9:41: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FileDialog toolchainFileDialog { type = open, text = $"Open"; mayNotExist = true; };
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:424:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:460:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compilerName[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:487:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uniqueName[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:507:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyName[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/dialogs/GlobalSettingsDialog.ec:574:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char compilerName[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:15:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:16:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:21:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char projectLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:44:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:45:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:117:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION]; // Windows Friendly path
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:146:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workspaceFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:167:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newWorkingDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:179:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[256];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:180:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varName[256];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:245:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:246:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:247:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastPart[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:287:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:288:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastPart[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:319:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:358:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:359:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:371:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempDir[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:372:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:373:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prjName[MAX_LOCATION] = "quick_project";
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:457:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workspaceFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:493:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:494:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newFileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:533:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char className[256];
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:534:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varName[256];
data/ecere-sdk-0.44.15/ide/src/dialogs/NodeProperties.ec:44:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NodeProperties.ec:150:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NodeProperties.ec:155:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NodeProperties.ec:184:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/NodeProperties.ec:232:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec:21:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec:67:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec:97:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/documents/ModelView.ec:15:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/documents/PictureEdit.ec:48:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:166:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
type = open;
data/ecere-sdk-0.44.15/ide/src/ide.ec:889:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION] = "";
data/ecere-sdk-0.44.15/ide/src/ide.ec:1673:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "documentor");
data/ecere-sdk-0.44.15/ide/src/ide.ec:1864:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:1878:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workingDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:1963:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[4096];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2322:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempString[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2385:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION] = "";
data/ecere-sdk-0.44.15/ide/src/ide.ec:2389:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char winFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2438:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workspaceFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2471:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newWorkingDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2515:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2546:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slashFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2595:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2855:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ide/src/ide.ec:2856:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char completePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2906:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2926:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
line = atoi(colon + 1);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2929:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
col = atoi(colon + 1);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2953:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:2961:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3165:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodeName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3166:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME+96];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3266:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3267:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parentPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3268:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3284:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3356:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * oldPaths[128];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3399:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3713:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[256];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3722:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "/usr/share");
data/ecere-sdk-0.44.15/ide/src/ide.ec:3748:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3755:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3789:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3850:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3885:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3984:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char genericLocale[256];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3993:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(genericLocale, "zh_CN");
data/ecere-sdk-0.44.15/ide/src/ide.ec:4037:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ide/src/ide.ec:4069:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ide/src/panels/BreakpointsView.ec:64:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(string);
data/ecere-sdk-0.44.15/ide/src/panels/BreakpointsView.ec:218:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[32];
data/ecere-sdk-0.44.15/ide/src/panels/BreakpointsView.ec:230:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", bp.ignore);
data/ecere-sdk-0.44.15/ide/src/panels/BreakpointsView.ec:235:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%d", bp.level);
data/ecere-sdk-0.44.15/ide/src/panels/CallStackView.ec:40:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
frameIndex = atoi(editBox.line.text);
data/ecere-sdk-0.44.15/ide/src/panels/CallStackView.ec:51:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
frameIndex = atoi(editBox.line.text);
data/ecere-sdk-0.44.15/ide/src/panels/CallStackView.ec:106:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING*10];
data/ecere-sdk-0.44.15/ide/src/panels/OutputView.ec:328:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING*10];
data/ecere-sdk-0.44.15/ide/src/panels/OutputView.ec:396:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING*10];
data/ecere-sdk-0.44.15/ide/src/panels/ThreadsView.ec:32:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(editBox.line.text);
data/ecere-sdk-0.44.15/ide/src/panels/ThreadsView.ec:41:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int id = atoi(line.text);
data/ecere-sdk-0.44.15/ide/src/panels/ThreadsView.ec:130:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_F_STRING*10];
data/ecere-sdk-0.44.15/ide/src/panels/ThreadsView.ec:199:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int id = atoi(line.text);
data/ecere-sdk-0.44.15/ide/src/panels/WatchesView.ec:265:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actualString[8196];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:146:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char printPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:214:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(indentation, " ");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:626:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:627:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:897:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[4096];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1005:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1254:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, ".exe");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1263:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, ".dll");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1265:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, ".dylib");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1267:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, ".so");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1281:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, ".a");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1289:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1318:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1353:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char projectName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1362:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1369:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1486:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[65536];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1522:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[65536];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1531:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1670:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[1];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1710:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[1];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1739:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION], temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1743:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1770:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1903:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullModuleName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1915:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1921:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2022:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetFileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2057:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[65536];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2095:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetFileName[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2097:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char makeFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2098:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char makeFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2099:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2108:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_F_STRING*4];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2141:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pushD[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2142:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2181:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldwd[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2205:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2240:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[65536];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2293:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char makeFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2294:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char makeFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2295:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2314:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldwd[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2333:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2367:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldDirectory[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2383:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2423:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "$(LP)");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2425:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fileName, "$(OUT)");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2431:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2440:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2460:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2478:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2497:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2729:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2730:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char makeFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2753:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2754:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char objDirExpNoSpaces[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2755:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char objDirNoSpaces[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2756:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resDirNoSpaces[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2757:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetDirExpNoSpaces[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2758:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixedModuleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2759:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixedConfigName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2772:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2793:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2887:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfDir, "$(CF_DIR)");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2907:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2908:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2956:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * map[5][2] = { { "COBJECTS", "C" }, { "SYMBOLS", "S" }, { "IMPORTS", "I" }, { "ECOBJECTS", "O" }, { "BOWLS", "B" } };
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3711:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION] = "c";
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3713:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixedModuleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3716:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char objDirNoSpaces[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3732:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -isystem ");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3745:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -I");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3757:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -D");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3764:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3870:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[sizeof(epjSignature)];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3875:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char topNodePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4030:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4031:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char section[128];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4032:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subSection[128];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4170:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parentPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4171:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char section[128] = "";
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4172:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subSection[128] = "";
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4179:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4214:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4253:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4300:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char topNodePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4315:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(section, "Target");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4335:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(section, "Target");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4592:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4692:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char insidePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4699:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char topNodePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4777:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_F_STRING*4];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4785:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4786:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[128];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4828:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tokens[16];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4830:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ver = count > 1 ? atoi(tokens[1]) : 0;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4831:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ver += count ? atoi(tokens[0]) * 1000 : 0;
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:54:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:124:34: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, ".x32");
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:129:34: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, ".x64");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:32:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ofPart[MAX_FILENAME], ofRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:33:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathPart[MAX_FILENAME]; //, pathRest[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:63:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:188:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:192:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stripExt[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:247:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:248:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char n[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:260:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char insidePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:284:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:285:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char n[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:297:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char insidePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:556:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:557:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:572:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, ".main.ec");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:789:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:912:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(exp, "$(if $(or ");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:926:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(exp, "$(");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:948:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(exp, "$(if $(");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:952:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(exp, "),");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1095:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1119:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1139:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1157:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1272:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1324:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1350:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(label, " (");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1357:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(label, " (");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1367:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(label, " *");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1444:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1467:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1473:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1519:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2048];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1521:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1522:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1527:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1528:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1552:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1563:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1575:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1629:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1630:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1631:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1654:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -isystem ");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1667:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -I");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1679:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -D");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1686:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1765:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1766:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1767:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1824:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1825:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1826:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1849:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -isystem ");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1862:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -I");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1874:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command, " -D");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1881:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1970:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1971:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1972:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2158:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2159:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2183:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION] = "", temp[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2435:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2440:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2455:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2499:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(moduleName, ".main.ec");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2536:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2537:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2538:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2672:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char priorityMark[10];
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2675:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(priorityMark, "%06d\n", priority * 1000 + order);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:12:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:343:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:566:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[2048];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:573:27: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if(!first) strcat(msg, ", ");
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:628:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME]; //, modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:659:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char winFileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:665:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:755:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char makefilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:756:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char makefileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:874:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:875:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:879:16: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(moduleName, ".main.ec");
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1288:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[1024];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1289:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1596:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char folder[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1652:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldwd[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1654:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1727:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lineNumber = atoi(colon + 1);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1735:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
col = atoi(comma+1);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1739:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_LOCATION], filePath[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1740:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION] = "";
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1824:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1842:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1886:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1892:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1960:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1961:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2145:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2146:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2198:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[16];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2371:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[16];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2378:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2379:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2506:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[1024];
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2521:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[1024];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:26:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * valgrindLeakCheckNames[ValgrindLeakCheck] = { "no", "summary", "yes", "full" };
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:274:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char location[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:287:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAX_DIRECTORY];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:357:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:358:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absolute[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:413:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:499:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:506:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:520:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:542:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absolutePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:543:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:580:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absolutePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:581:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:613:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absolutePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:722:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:841:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char winFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:900:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1020:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absolutePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1098:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1113:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char projectFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1135:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2] = "";
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1137:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[512];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1149:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(files, "\n...");
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1212:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char section[128];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1213:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subSection[128];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1221:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1324:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ignore = atoi(strIgnore);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1325:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
level = atoi(strLevel);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1326:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
line = atoi(strLine);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1355:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lineNumber = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1373:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lineNumber = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1380:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
position = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1387:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
scroll.x = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1394:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
scroll.y = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1407:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char projectFilePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1478:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int bitDepth = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1584:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bp.line = atoi(lineNum);
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:4:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char indendation[MAX_F_STRING];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:60:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:61:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slnFileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:110:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:111:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slnFileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:582:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:699:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:700:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:701:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relativePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:740:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:741:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moduleName[MAX_FILENAME];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 4 - Flow Control/Lab4/lab4.ec:16:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 4 - Flow Control/Lab4/lab4.ec:33:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/colors/lab5colors.ec:21:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/colors/lab5colors.ec:38:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:21:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:38:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 5 - Structures and Enumerations/Lab5/vectors/lab5vectors.ec:51:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec:236:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec:303:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024];
data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec:391:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int item = atoi(command);
data/ecere-sdk-0.44.15/installer/coursework/Chapter 6 - Classes, Methods and Instances/Lab6/lab6.ec:476:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int item = atoi(command);
data/ecere-sdk-0.44.15/installer/src/installer.ec:60:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tempString, " (32)");
data/ecere-sdk-0.44.15/installer/src/installer.ec:79:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:107:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * afterSlash, rest[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:115:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char letter[10];
data/ecere-sdk-0.44.15/installer/src/installer.ec:116:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(letter, "_%cdrive", toupper(listing.name[0]));
data/ecere-sdk-0.44.15/installer/src/installer.ec:139:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/installer/src/installer.ec:198:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char installPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:217:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path64[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:218:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path32[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:231:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char source[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:242:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FILENAME];
data/ecere-sdk-0.44.15/installer/src/installer.ec:435:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourceDir[MAX_LOCATION] = ":";
data/ecere-sdk-0.44.15/installer/src/installer.ec:436:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char installDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:437:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char installDir32[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:468:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:507:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION], relative[MAX_LOCATION] = "", * newPath;
data/ecere-sdk-0.44.15/installer/src/installer.ec:508:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:586:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sizeString[100];
data/ecere-sdk-0.44.15/installer/src/installer.ec:625:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appData[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:642:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:649:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char defSamplesPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:664:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char defExtrasPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:827:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:872:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:903:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:958:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char programFilesDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:959:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appData[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:960:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char homeDrive[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:961:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char winDir[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1045:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(installDir32, " (32)");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1052:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(installDir32, " (32)");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1056:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(installDir, "C:\\Ecere SDK");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1058:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(installDir32, " (32)");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1063:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char defSamplesPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1064:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char defExtrasPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1090:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sizeString[100];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1146:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char genericLocale[256];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1154:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(genericLocale, "zh_CN");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1274:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void AddPath(char * sysPaths[200], int sysCount, char * paths[200], int * count, char * oldPath, char * userPath, char * path)
data/ecere-sdk-0.44.15/installer/src/installer.ec:1274:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void AddPath(char * sysPaths[200], int sysCount, char * paths[200], int * count, char * oldPath, char * userPath, char * path)
data/ecere-sdk-0.44.15/installer/src/installer.ec:1312:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldPath[8192], * paths[200], * sysPaths[200];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1331:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1351:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1367:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyName[1024];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1390:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(keyName, " \"%L\"");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1426:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idePath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1427:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userProfile[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1455:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1481:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1502:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/installer/src/installer.ec:1562:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uninstaller[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1587:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userPath[8192] = "";
data/ecere-sdk-0.44.15/installer/src/installer.ec:1588:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char systemPath[8192] = "";
data/ecere-sdk-0.44.15/installer/src/installer.ec:1644:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1645:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char startMenuPath[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/installer/src/installer.ec:1682:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char samplesPath[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/installer/src/installer.ec:1691:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char docPath[MAX_LOCATION] = "";
data/ecere-sdk-0.44.15/installer/src/installer.ec:1696:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tao[MAX_LOCATION] ;
data/ecere-sdk-0.44.15/installer/src/installer.ec:1713:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desktopPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1748:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appData[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1752:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/installer/src/installer.ec:1756:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[MAX_FILENAME];
data/ecere-sdk-0.44.15/samples/3D/HiraganaCube/hiraganaCube.ec:100:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * hiragana[6] = { "あ", "い", "う", "え", "お", "ん" };
data/ecere-sdk-0.44.15/samples/3D/TransCube/transCube.ec:163:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/ecere-sdk-0.44.15/samples/3D/TransCube/transCube.ec:165:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "Cube Face %d", c+1);
data/ecere-sdk-0.44.15/samples/3D/TransCube/transCube.ec:178:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "tex%d.bmp", c+1);
data/ecere-sdk-0.44.15/samples/3D/TransCube/transCube.ec:179:33: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if(c == 3) strcpy(name, "glass.bmp");
data/ecere-sdk-0.44.15/samples/3D/spriteBalls/balls.ec:50:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ballPattern[SIZEBALLX*SIZEBALLY] =
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/demo.ec:394:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(textures[c].palette, map.palette, 256*4);
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:147:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this.vertices, vertices, sizeof(vertices));
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:148:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this.texCoords, texCoords, sizeof(texCoords));
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:153:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(group.indices, indices, sizeof(indices));
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:286:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * names[7] = { "Adenine", "Cytosine", "Guanine", "Thymine", "Phosphate", "Desoxyribose", "Hydrogene" };
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:377:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:394:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "Base%02d", c*2);
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:405:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "Base%02d", c*2+1);
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:418:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "Desoxyribose%02d", c*2);
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/dna.ec:427:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "Desoxyribose%02d", c*2+1);
data/ecere-sdk-0.44.15/samples/audio/DirectBufferPlayer/wavPlayer.ec:66:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, sound.data + pos, s);
data/ecere-sdk-0.44.15/samples/audio/DirectBufferPlayer/wavPlayer.ec:88:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stream, buffer, len);
data/ecere-sdk-0.44.15/samples/audio/SineTone/sineTone.ec:82:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, sound.data + pos, s);
data/ecere-sdk-0.44.15/samples/audio/SineTone/sineTone.ec:91:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stream, buffer, len);
data/ecere-sdk-0.44.15/samples/db/EDATest/EDATest.ec:30:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/db/MedDB/med.ec:41:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1024];
data/ecere-sdk-0.44.15/samples/db/MedDB/med.ec:42:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char amountString[256];
data/ecere-sdk-0.44.15/samples/db/MedDB/med.ec:48:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "(Click here to add)");
data/ecere-sdk-0.44.15/samples/db/MedDB/med.ec:62:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "(Click here to add)");
data/ecere-sdk-0.44.15/samples/db/MovieCollection/borrowerReport.ec:164:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char reportTitle[256];
data/ecere-sdk-0.44.15/samples/db/MovieCollection/borrowerReport.ec:165:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(reportTitle, "Movies borrowed for more than %d days", daysAgo);
data/ecere-sdk-0.44.15/samples/db/MovieCollection/reports.ec:7:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char months[12][4] =
data/ecere-sdk-0.44.15/samples/db/MovieCollection/reports.ec:48:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[64];
data/ecere-sdk-0.44.15/samples/db/MovieCollection/reports.ec:50:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(number, "Page %d", render.GetPageNumber());
data/ecere-sdk-0.44.15/samples/eC/FindPrime/findPrime.ec:40:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int num = argc > 1 ? atoi(argv[1]) : 1;
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:42:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *prefix_op_string[PrefixOperator] = {
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:50:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *postfix_op_string[PostfixOperator] = {
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:59:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *binary_op_string[BinaryOperator] = {
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:64:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *parenthesis_type_string[ParenthesisType] = {
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:70:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *function_string[CASFunction] = {
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:167:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *constant_string[CASConstant] = {
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:244:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tagstr[16];
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:352:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, this, sizeof(class Expression));
data/ecere-sdk-0.44.15/samples/eC/ecas/expression.ec:809:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(expr, tree.root, sizeof(class Expression));
data/ecere-sdk-0.44.15/samples/eC/ecas/misc.ec:97:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, src, len);
data/ecere-sdk-0.44.15/samples/eC/fibonacci/fibo.ec:20:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[10000];
data/ecere-sdk-0.44.15/samples/eC/fibonacci/fibo.ec:27:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[100];
data/ecere-sdk-0.44.15/samples/eC/fibonacci/fibo.ec:31:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string + len, number, l);
data/ecere-sdk-0.44.15/samples/eC/neural/neural.ec:49:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * behaviors[4] = { "Run", "Hide", "Wander", "Attack" };
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char passwords[NUMLEVELS+1][5] =
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:41:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char board[DIMY][DIMX];
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:120:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map[80];
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:127:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(map,":map%d.dat",level);
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:270:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[80];
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:271:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "Wrapping to level %d...",l);
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:373:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[80];
data/ecere-sdk-0.44.15/samples/games/cards/poker/player.ec:12:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char handTypes[10][20] =
data/ecere-sdk-0.44.15/samples/games/cards/poker/poker.ec:49:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char playerNames[6][20] =
data/ecere-sdk-0.44.15/samples/games/cards/poker/poker.ec:108:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/samples/games/cards/poker/poker.ec:202:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[64];
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/bet.ec:21:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int bet = atoi(edit.contents);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:68:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:587:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:623:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/scores.ec:33:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/scores.ec:36:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp,"(%d)",-score);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/scores.ec:41:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp,"%d",score);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/setup.ec:482:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(game->players[0].name, "You");
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/setup.ec:483:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(game->players[1].name, "Georges");
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/setup.ec:484:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(game->players[2].name, "Bryan");
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/setup.ec:485:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(game->players[3].name, "Arnold");
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec:9:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case clubs: strcpy(string, "clubs"); break;
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec:10:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case diamonds: strcpy(string, "diamonds"); break;
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec:11:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case hearts: strcpy(string, "hearts"); break;
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec:12:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case spades: strcpy(string, "spades"); break;
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec:13:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
default: strcpy(string, "None");
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec:21:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/ecere-sdk-0.44.15/samples/games/chess/src/chess2D.ec:20:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * names[12] =
data/ecere-sdk-0.44.15/samples/games/chess/src/chess2D.ec:57:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/samples/games/chess/src/chess3D.ec:3:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * names[Player][PieceType] =
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/CornerBlocksServer.ec:6:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char players[MaxPlayers][256];
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:455:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *playerNames[MaxPlayers];
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1100:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1141:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = temp; sprintf(temp, "%d", state->scores[p]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1147:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = temp; sprintf(temp, "%d", state->bonus[p]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1154:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = temp; sprintf(temp, "%d", state->scores[p] + state->bonus[p]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1177:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = temp; sprintf(temp, "%d", grandTotals[p]);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1184:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1213:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, ", ");
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1215:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " and ");
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1218:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, " tied!");
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1285:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char playerNames[MaxPlayers][256];
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1512:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)msg)[MAX_F_STRING-100] = 0;
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1645:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[1024];
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:59:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char players[4][256];
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:99:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * dicos[Languages] = { ":englishWords.txt", ":frenchWords.txt" };
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:230:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[100];
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:252:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[16];
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:485:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newBoard, crossWordsGame.board, 15*15*sizeof(Letters));
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:518:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(crossWordsGame.board, newBoard, 15*15*sizeof(Letters));
data/ecere-sdk-0.44.15/samples/games/crosswords/crossWords.ec:170:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char playerNames[MaxPlayers][256];
data/ecere-sdk-0.44.15/samples/games/crosswords/crossWords.ec:284:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8[4];
data/ecere-sdk-0.44.15/samples/guiAndGfx/eNotepad/eNotepad.ec:61:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
master = this, type = open, text = "Load File...",
data/ecere-sdk-0.44.15/samples/guiAndGfx/eNotepad/eNotepad.ec:125:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char paramLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/GradientDesigner.ec:60:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keys._, defaultKeys, sizeof(ColorKey) * keys.size);
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:629:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:658:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:714:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fractal.imageSize.w = atoi(editBox.contents);
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:727:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fractal.imageSize.h = atoi(editBox.contents);
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:742:77: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
master.mandelbrot.thread.exponent = master.julia.thread.exponent = atoi(editBox.contents);
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:759:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fractal.thread.iterations = atoi(editBox.contents);
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:870:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int value = atoi(editBox.contents);
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:1366:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
master = this, type = open, text = "Load Fractals Settings...",
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:236:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
master = this, type = open, text = "Load Track...",
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:397:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vn[16];
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:415:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[PREFIX_SIZE];
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:416:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vn[16];
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:21:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[MAX_F_STRING];
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:22:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[MAX_F_STRING];
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:33:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unescaped[16384];
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:41:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
property::delay = atoi(app.argv[2]);
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:58:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[MAX_F_STRING];
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/Reminder.ec:59:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[MAX_F_STRING];
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/timeAddendum.ec:30:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(output, "%dm %ds", m, s);
data/ecere-sdk-0.44.15/samples/guiAndGfx/reminder/timeAddendum.ec:35:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(output, "%dm", m);
data/ecere-sdk-0.44.15/samples/guiAndGfx/screenShot/shot.ec:17:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/guiAndGfx/screenShot/shot.ec:18:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fileName, "shot%02d.png", c);
data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/MySkin.ec:343:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * skinBitmaps[SkinBitmap] =
data/ecere-sdk-0.44.15/samples/guiAndGfx/slideShow/eShow.ec:6:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/guiAndGfx/snow/snow.ec:70:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer.picture, bitmap.picture, buffer.sizeBytes);
data/ecere-sdk-0.44.15/samples/guiAndGfx/snow/snow.ec:90:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmap.picture, buffer.picture, buffer.sizeBytes);
data/ecere-sdk-0.44.15/samples/guiAndGfx/textScroller/textScroller.ec:49:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * lines[1024];
data/ecere-sdk-0.44.15/samples/net/SocketRx/socketRx.ec:11:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1];
data/ecere-sdk-0.44.15/samples/net/SocketSample/socketSample.ec:11:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1];
data/ecere-sdk-0.44.15/samples/net/SocketSample/socketSample.ec:109:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->string, string, len+1);
data/ecere-sdk-0.44.15/samples/net/SocketTx/socketTX.ec:11:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1];
data/ecere-sdk-0.44.15/samples/net/SocketTx/socketTX.ec:34:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->string, string, len+1);
data/ecere-sdk-0.44.15/samples/net/XMLSample/xmlSample.ec:59:80: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if(!strcmpi(keyWord, "type")) { GetWord(); type = (ObjectType)atoi(keyWord); }
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:144:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:171:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:173:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(caption, "Ecere Web Browser - ");
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:199:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newLocation[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:207:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(newLocation, "http:");
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:101:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputFile[MAX_FILENAME];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:249:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendFileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:255:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvFileName[MAX_FILENAME];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:344:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[256] = "";
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:357:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:359:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[MAX_LOCATION + 40];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:400:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[20];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:440:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[256] = "", title[256];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:473:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[16];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:475:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "/s");
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:538:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[16];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:540:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(string, "/s");
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:557:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[256] = "";
data/ecere-sdk-0.44.15/samples/net/eCom/mainPanel.ec:54:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostName[256], address[64];
data/ecere-sdk-0.44.15/samples/net/eCom/mainPanel.ec:169:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[256] = "";
data/ecere-sdk-0.44.15/samples/net/eirc/console.ec:35:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentCommand[256];
data/ecere-sdk-0.44.15/samples/net/eirc/console.ec:305:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[MAX_F_STRING];
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:25:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tokens[10];
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:52:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[1024];
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:79:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuf, "QUIT :");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:94:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuf, "JOIN ");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:130:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[513];
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:131:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tokens[10];
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:134:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, recvBuffer, count);
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:178:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:180:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, recvBuffer, count);
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:95:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[1024];
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:96:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:97:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addedPath[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:109:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digits[3];
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:129:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(reply, "HTTP/1.1 301 Moved Permantently\r\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:131:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(reply, "Location: ");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:133:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(reply, "/\r\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:134:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(reply, "Content-Length: 0\r\n\r\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:139:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indexFile[MAX_LOCATION];
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:165:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(reply, "HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\n\r\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:169:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extension[MAX_EXTENSION];
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:171:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(reply, "HTTP/1.1 200 OK\r\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:175:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(reply, "Content-Type: text/html\r\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:177:19: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(reply, "Content-Type: text/plain\r\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:178:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(strchr(reply, 0), "Content-Length: %d\r\n\r\n", size);
data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkServer/server.ec:65:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[1]; // Rest follows, null terminated
data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkServer/server.ec:85:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
enum PacketType { open, close, read, size };
data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkServer/server.ec:115:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
case open:
data/ecere-sdk-0.44.15/samples/net/smtp/smtp.ec:54:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/ecere-sdk-0.44.15/samples/scanning/wiaTest/wiaTest.ec:28:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20];
data/ecere-sdk-0.44.15/samples/scanning/wiaTest/wiaTest.ec:29:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "File://%p", scannedImage);
data/ecere-sdk-0.44.15/samples/scanning/wiaTest/wiaTest.ec:82:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20];
data/ecere-sdk-0.44.15/samples/scanning/wiaTest/wiaTest.ec:86:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "File://%p", scannedImage); // 'File://' lets you use a File pointer as a file name
data/ecere-sdk-0.44.15/samples/threads/threadsAndListBoxes/blank.ec:5:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[400];
data/ecere-sdk-0.44.15/samples/threads/threadsAndListBoxes/blank.ec:29:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[1];
data/ecere-sdk-0.44.15/samples/threads/threadsAndListBoxes/blank.ec:136:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/ecere-sdk-0.44.15/audio/mixer.ec:39:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:121:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:893:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = cppOptionsLen + 1 + strlen(arg);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:908:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:914:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:965:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:965:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:981:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:987:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecc/bootstrap/ecc.c:1043:1: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(defaultOutputFile, "");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:101:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:120:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsprintf(string + strlen(string), format, args);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:192:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = key ? strlen(key) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:759:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:761:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, "\n");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:780:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(nodeString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:782:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:786:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BTNode.c:790:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:109:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:501:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int read;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:510:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(bufferPos + readCount - bufferCount > read && (bufferPos + readCount - bufferCount < bufferCount))
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:518:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(bufferCount + read > __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->bufferSize)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:548:204: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__internal_VirtualMethod ? __internal_VirtualMethod(__ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->handle, __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->buffer + bufferCount, 1, read) : (int)1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:551:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bufferCount += read;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:552:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(!read)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:700:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:744:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read < __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->bufferCount * 2)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:746:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read > __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->bufferSize)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:771:263: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__internal_VirtualMethod ? __internal_VirtualMethod(__ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->handle, __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->buffer + __ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->bufferCount, 1, read) : (int)1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/BufferedFile.c:774:75: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__ecerePointer___ecereNameSpace__ecere__sys__BufferedFile->bufferCount += read;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:86:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:220:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:889:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ich = fgetc(__ecerePointer___ecereNameSpace__ecere__sys__File->input);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1013:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = strlen(text);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/File.c:1476:73: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__internal_VirtualMethod ? __internal_VirtualMethod((*this), buffer, 1, read) : (int)1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:203:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:211:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
extern char * strncpy(char * , const char * , size_t n);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:251:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(string); c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:266:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:291:1: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(output, "/");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:296:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:329:1: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(output, "");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:356:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(rest, string + c, strlen(string + c) + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:357:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(rest); c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:369:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:376:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(output, string + c, strlen(string + c) + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:379:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:391:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(output, string + c, strlen(string + c) + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:399:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(string) - 1; c >= 0 && string[c] == ' '; c--)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:416:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(output, src, strlen(src) + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:417:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:427:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int c = strlen(fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:433:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(archiveName, fileName + 1, c - 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:441:1: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(archiveName, ":");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:452:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:528:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int subLen = strlen(subStr);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:557:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int subLen = strlen(subStr);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:782:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, ".");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:839:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urlFileName = fileName + strlen(fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:934:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName) - 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:952:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:992:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1000:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strLen + strlen(directory) > (797) - 3)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1006:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1047:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urlFileName = fileName + strlen(fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1144:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName) - 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1204:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1217:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strLen + strlen(directory) > (797) - 3)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1223:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1243:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(destination, path, strlen(path) + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1273:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(destination);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1699:156: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((struct __ecereNameSpace__ecere__sys__ZString *)(((char *)__ecereInstance1 + __ecereClass___ecereNameSpace__ecere__sys__ZString->offset)))->len = value ? strlen(value) : 0, ((struct __ecereNameSpace__ecere__sys__ZString *)(((char *)__ecereInstance1 + __ecereClass___ecereNameSpace__ecere__sys__ZString->offset)))->_string = (char *)value, ((struct __ecereNameSpace__ecere__sys__ZString *)(((char *)__ecereInstance1 + __ecereClass___ecereNameSpace__ecere__sys__ZString->offset)))->allocType = 0, __ecereInstance1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/String.c:1713:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__ecereMethod___ecereNameSpace__ecere__sys__ZString_copyString(this, value, value ? strlen(value) : 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/System.c:86:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:111:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:399:145: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(buffer, __ecerePointer___ecereNameSpace__ecere__sys__TempFile->buffer + __ecerePointer___ecereNameSpace__ecere__sys__TempFile->position, read);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:400:68: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__ecerePointer___ecereNameSpace__ecere__sys__TempFile->position += read;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:401:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read / size;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:440:71: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return !__ecerePointer___ecereNameSpace__ecere__sys__TempFile->eof && read != 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/TempFile.c:463:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:105:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:243:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:709:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:820:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(string) - 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:856:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(newData);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:874:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(newData);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1536:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1556:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = strlen(result);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1883:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = this ? strlen(this->string) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1920:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:1966:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*string = __ecereNameSpace__ecere__com__eSystem_Renew(newString, sizeof(char) * (strlen(newString) + 1));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2001:148: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(bytes, __ecerePointer___ecereNameSpace__ecere__com__SerialBuffer->_buffer + __ecerePointer___ecereNameSpace__ecere__com__SerialBuffer->pos, read);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2002:67: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__ecerePointer___ecereNameSpace__ecere__com__SerialBuffer->pos += read;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2003:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2539:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(memberString, "f");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2679:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(tempString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2682:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempString, "\"");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/dataTypes.c:2702:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempString, "\"");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:86:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:704:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
extern char * strncpy(char * , const char * , size_t n);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:708:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:794:16: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
extern char * strncat(char * , const char * , size_t n);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:954:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(source);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:3382:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:3406:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = (int)strlen(name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:3913:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:3937:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = (int)strlen(name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:4451:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(moduleName) - 3;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:4749:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:4861:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * colons = __ecereNameSpace__ecere__sys__RSearchString(name, "::", strlen(name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5412:4: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5419:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ident, paramStart, end + 1 - paramStart);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5500:4: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5505:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
memcpy(value, equal, paramEnd - equal);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5505:33: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
memcpy(value, equal, paramEnd - equal);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5506:18: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
value[paramEnd - equal] = 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5549:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * endQuote = value + strlen(value) - 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:5742:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(templateString);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6062:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("strlen", "uintsize strlen(const char *)", strlen, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6064:119: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("strncat", "char * strncat(char *, const char *, uintsize n)", strncat, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6080:119: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
__ecereNameSpace__ecere__com__eSystem_RegisterFunction("strncpy", "char * strncpy(char *, const char *, uintsize n)", strncpy, module, 4);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6365:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(noTemplateName, name, templateParams - name);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6403:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
templatedClass->name = __ecereNameSpace__ecere__sys__CopyString(templatedClass->fullName + strlen(_class->fullName) - strlen(_class->name));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecere/bootstrap/instance.c:6403:119: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
templatedClass->name = __ecereNameSpace__ecere__sys__CopyString(templatedClass->fullName + strlen(_class->fullName) - strlen(_class->name));
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:173:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2757:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = cppOptionsLen + 1 + strlen(arg);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2772:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2778:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2820:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2820:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2836:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecp/bootstrap/ecp.c:2842:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:204:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:1405:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2098:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(!read)
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:2108:67: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__internal_VirtualMethod ? __internal_VirtualMethod(f, buffer, 1, read) : (int)1;
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3083:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgid);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3091:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgctxt);
data/ecere-sdk-0.44.15/compiler/bootstrap/ecs/bootstrap/ecs.c:3099:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgstr);
data/ecere-sdk-0.44.15/compiler/bootstrap/include/stdio.h:27:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE *stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:161:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:194:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
extern char * strncpy(char * , const char * , size_t n);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:290:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
defaultNameSpaceLen = s ? strlen(s) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:296:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
currentNameSpaceLen = s ? strlen(s) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:1218:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(className);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2771:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2778:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(context);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2827:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenString = strlen(string), lenContext = strlen(context);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2827:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenString = strlen(string), lenContext = strlen(context);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2902:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:2962:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(string) - 1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3050:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(templateString, "<");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3097:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3226:94: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = __ecereNameSpace__ecere__sys__RSearchString(spec->__anon1.__anon1.name, "::", strlen(spec->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3364:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!strncmp(name, className, strlen(className)))
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3565:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(inst->exp->__anon1.__anon1.identifier->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3626:100: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * colon = __ecereNameSpace__ecere__sys__RSearchString(spec->__anon1.__anon1.name, "::", strlen(spec->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3664:94: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = __ecereNameSpace__ecere__sys__RSearchString(spec->__anon1.__anon1.name, "::", strlen(spec->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3721:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3807:100: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * colon = __ecereNameSpace__ecere__sys__RSearchString(spec->__anon1.__anon1.name, "::", strlen(spec->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:3868:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4019:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(id->string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4114:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(id->string) - 1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4266:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(name) - 2;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4269:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(external->__anon1.importString, name + 1, len);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:4398:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
currentNameSpaceLen = currentNameSpace ? strlen(currentNameSpace) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ast.c:5174:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(name[strlen(name) - 1] == '&')
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:136:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1485:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(exp->__anon1.db.table);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1500:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(exp->__anon1.db.table);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1515:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(exp->__anon1.db.table);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/dbpass.c:1612:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(table->name);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/ecdefs.c:86:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c:179:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c:304:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/expression.c:1590:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = constant ? strlen(constant) : 0;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:187:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:310:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:5453:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(constant);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9521:167: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = yyvsp[(1) - (1)].specifier->__anon1.__anon1.name ? __ecereNameSpace__ecere__sys__RSearchString(yyvsp[(1) - (1)].specifier->__anon1.__anon1.name, "::", strlen(yyvsp[(1) - (1)].specifier->__anon1.__anon1.name), 1, 0) : (((void *)0));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9538:116: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = __ecereNameSpace__ecere__sys__RSearchString(yyvsp[(1) - (4)].specifier->__anon1.__anon1.name, "::", strlen(yyvsp[(1) - (4)].specifier->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9550:116: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = __ecereNameSpace__ecere__sys__RSearchString(yyvsp[(1) - (4)].specifier->__anon1.__anon1.name, "::", strlen(yyvsp[(1) - (4)].specifier->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9562:116: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = __ecereNameSpace__ecere__sys__RSearchString(yyvsp[(1) - (4)].specifier->__anon1.__anon1.name, "::", strlen(yyvsp[(1) - (4)].specifier->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9574:116: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = __ecereNameSpace__ecere__sys__RSearchString(yyvsp[(1) - (3)].specifier->__anon1.__anon1.name, "::", strlen(yyvsp[(1) - (3)].specifier->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:9909:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, ")");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:10590:116: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = __ecereNameSpace__ecere__sys__RSearchString(yyvsp[(1) - (3)].specifier->__anon1.__anon1.name, "::", strlen(yyvsp[(1) - (3)].specifier->__anon1.__anon1.name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:12177:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(yyvsp[(1) - (2)].string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/grammar.c:12178:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len2 = strlen(yytext);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:86:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:396:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:398:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
extern char * strncpy(char * , const char * , size_t n);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:974:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(line, line + c, strlen(line + c) + 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:982:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(includeFile, line + 1, c - 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/lexer.c:993:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(includeFile, line + 1, c - 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:216:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
extern char * strncpy(char * , const char * , size_t n);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:226:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1441:8: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * equal;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1451:4: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1807:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1920:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(moduleName, name, (797) - 1);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/loadSymbols.c:1928:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((!module || (module->dllOnly && !loadDllOnly)) && strlen(name) < (274))
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:152:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:241:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2381:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2389:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2531:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * newId = __ecereNameSpace__ecere__com__eSystem_New(sizeof(char) * (strlen(id->string) + strlen("__ecereMethod___ecereNameSpace__") + strlen(symbol->string) + 2));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2531:95: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * newId = __ecereNameSpace__ecere__com__eSystem_New(sizeof(char) * (strlen(id->string) + strlen("__ecereMethod___ecereNameSpace__") + strlen(symbol->string) + 2));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2531:140: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * newId = __ecereNameSpace__ecere__com__eSystem_New(sizeof(char) * (strlen(id->string) + strlen("__ecereMethod___ecereNameSpace__") + strlen(symbol->string) + 2));
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass0.c:2540:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newId, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:205:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1821:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1881:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:1885:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nameM, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2132:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2136:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nameM, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2423:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(watcherName, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2513:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(className, "}");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2534:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(baseName, "}");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2730:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:2867:171: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__internal_VirtualMethod ? __internal_VirtualMethod(__ecereClass___ecereNameSpace__ecere__com__TemplateMemberType, (void *)¶m->__anon1.memberType, memberTypeString + strlen(memberTypeString), (((void *)0)), &needClass) : (const char * )1;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass1.c:3233:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(className, "}");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:256:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:311:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
extern char * strncpy(char * , const char * , size_t n);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:391:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7177:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = __ecereNameSpace__ecere__sys__RSearchString(type->name, "::", strlen(type->name), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7899:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "}");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:7933:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8090:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nsLen = strlen(nameSpace);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8102:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(s) - 1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8234:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "*");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8265:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8403:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__internal_VirtualMethod ? __internal_VirtualMethod(fileInput, expression, 1, strlen(expression)) : (int)1;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8454:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8481:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(name) - 1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8522:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(size, "[");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8527:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(size, "]");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8539:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8546:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "(");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8553:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8563:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, " ");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:8583:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = __ecereNameSpace__ecere__sys__RSearchString(s, "::", strlen(s), 1, 0);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9063:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(className, "<");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9079:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(className);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9109:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(className, "<");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9125:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(className);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9556:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9566:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9882:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:9886:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propNameM, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13286:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:13908:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14679:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:14681:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15633:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(watcherName, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15673:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:15820:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:16097:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__internal_VirtualMethod ? __internal_VirtualMethod(fileInput, definedExp->value, 1, strlen(definedExp->value)) : (int)1;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18022:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass15.c:18555:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1701:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:1742:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2813:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:2961:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3740:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass2.c:3774:1: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c:158:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/pass3.c:327:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(newID);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/shortcuts.c:145:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/shortcuts.c:679:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__internal_VirtualMethod ? __internal_VirtualMethod(fileInput, string, 1, strlen(string)) : (int)1;
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c:181:5: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fgetc(FILE * stream);
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c:302:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char * );
data/ecere-sdk-0.44.15/compiler/bootstrap/libec/bootstrap/type.c:2701:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = constant ? strlen(constant) : 0;
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:300:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = cppOptionsLen + 1 + strlen(arg);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:314:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:319:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:370:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:370:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:385:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:390:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/ecc/ecc.ec:447:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(defaultOutputFile, "");
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1382:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = cppOptionsLen + 1 + strlen(arg);
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1396:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1401:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1443:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1443:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + strlen(arg1) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1458:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = cppOptionsLen + 1 + strlen(arg) * 2 + 1;
data/ecere-sdk-0.44.15/compiler/ecp/ecp.ec:1463:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cppOptionsLen = cppOptionsLen + 1 + strlen(buf);
data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec:18:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec:41:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgid);
data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec:50:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgctxt);
data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec:59:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgstr);
data/ecere-sdk-0.44.15/compiler/ecs/cleanPo.ec:66:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:41:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:430:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(!read) break;
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:431:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f.Write(buffer, 1, read);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1060:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1767:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(&file[1], read);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1820:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(&file[1], read);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1889:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1909:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgid);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1916:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgctxt);
data/ecere-sdk-0.44.15/compiler/ecs/ecs.ec:1923:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msgstr);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:9:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
public void SetDefaultNameSpace(const char * s) { defaultNameSpace = s; defaultNameSpaceLen = s ? strlen(s) : 0; }
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:23:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
public void SetCurrentNameSpace(const char * s) { currentNameSpace = s; currentNameSpaceLen = s ? strlen(s) : 0; }
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:67:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(string)-1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:293:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:296:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(context) { len = strlen(context); pair.context = new byte[len-2+1]; memcpy(pair.context, context+1, len-2); pair.context[len-2] = '\0'; }
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:318:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenString = strlen(string), lenContext = strlen(context);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:318:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenString = strlen(string), lenContext = strlen(context);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:691:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = RSearchString(spec.name, "::", strlen(spec.name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:765:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(inst.exp.identifier.string);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:812:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:871:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * colon = RSearchString(spec.name, "::", strlen(spec.name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:905:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = RSearchString(spec.name, "::", strlen(spec.name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:956:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1038:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * colon = RSearchString(spec.name, "::", strlen(spec.name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1233:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(id.string);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1297:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(name) - 2;
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1299:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(external.importString, name+1, len);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1346:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
currentNameSpaceLen = currentNameSpace ? strlen(currentNameSpace) : 0;
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1361:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(templateString, "<");
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1427:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1474:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!strncmp(name, className, strlen(className)))
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1591:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(id.string)-1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:1784:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(className);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2186:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringLen = strlen(name);
data/ecere-sdk-0.44.15/compiler/libec/src/ast.ec:2756:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(name[strlen(name)-1] == '&')
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:169:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(exp.db.table);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:183:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(exp.db.table);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:197:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(exp.db.table);
data/ecere-sdk-0.44.15/compiler/libec/src/dbpass.ec:721:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(table.name);
data/ecere-sdk-0.44.15/compiler/libec/src/expression.ec:3182:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/ecere-sdk-0.44.15/compiler/libec/src/expression.ec:4772:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = constant ? strlen(constant) : 0;
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:11266:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:15639:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(constant);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:19648:113: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = (yyvsp[(1) - (1)].specifier).name ? RSearchString((yyvsp[(1) - (1)].specifier).name, "::", strlen((yyvsp[(1) - (1)].specifier).name), true, false) : null;
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:19668:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = RSearchString((yyvsp[(1) - (4)].specifier).name, "::", strlen((yyvsp[(1) - (4)].specifier).name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:19682:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = RSearchString((yyvsp[(1) - (4)].specifier).name, "::", strlen((yyvsp[(1) - (4)].specifier).name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:19696:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = RSearchString((yyvsp[(1) - (4)].specifier).name, "::", strlen((yyvsp[(1) - (4)].specifier).name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:19710:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = RSearchString((yyvsp[(1) - (3)].specifier).name, "::", strlen((yyvsp[(1) - (3)].specifier).name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:20024:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, ")");
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:20777:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colon = RSearchString((yyvsp[(1) - (3)].specifier).name, "::", strlen((yyvsp[(1) - (3)].specifier).name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:22268:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen((yyvsp[(1) - (2)].string));
data/ecere-sdk-0.44.15/compiler/libec/src/grammar.ec:22269:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len2 = strlen(yytext);
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:1384:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3561:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(line, line+c, strlen(line+c)+1);
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3569:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(includeFile, line+1, c-1);
data/ecere-sdk-0.44.15/compiler/libec/src/lexer.ec:3580:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(includeFile, line+1, c-1);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:135:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpenBuffered(fileName, read);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:300:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * equal;
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:309:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:626:31: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:737:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(moduleName, name, MAX_LOCATION-1);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:747:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((!module || (module.dllOnly && !loadDllOnly)) && strlen(name) < MAX_FILENAME)
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:933:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file = FileOpen(location, read);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:948:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file = FileOpen(location, read);
data/ecere-sdk-0.44.15/compiler/libec/src/loadSymbols.ec:959:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file = FileOpen(location, read);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:30:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1236:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1246:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1463:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * newId = new char[strlen(id.string) + strlen("__ecereMethod___ecereNameSpace__") + strlen(symbol.string) + 2];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1463:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * newId = new char[strlen(id.string) + strlen("__ecereMethod___ecereNameSpace__") + strlen(symbol.string) + 2];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1463:108: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * newId = new char[strlen(id.string) + strlen("__ecereMethod___ecereNameSpace__") + strlen(symbol.string) + 2];
data/ecere-sdk-0.44.15/compiler/libec/src/pass0.ec:1477:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newId, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:421:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:494:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:499:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nameM, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:815:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:820:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(nameM, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1015:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(watcherName, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1107:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(className, "}");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1137:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(baseName, "}");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1403:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1566:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param.memberType.OnGetString(memberTypeString + strlen(memberTypeString), null, &needClass);
data/ecere-sdk-0.44.15/compiler/libec/src/pass1.ec:1968:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(className, "}");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:52:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count = strlen(string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1585:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1596:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:1953:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2098:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2100:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2584:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(first) strcat(className, "<");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2599:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(className);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2626:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(first) strcat(className, "<");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:2641:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(className);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:4310:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:5496:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6834:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nsLen = strlen(nameSpace);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6845:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(s)-1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6870:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(name)-1; c >= 0; c--)
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6985:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(size, "[");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:6990:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(size, "]");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7050:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string,"}");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7084:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7107:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = RSearchString(type.name, "::", strlen(type.name), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7142:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "*");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7156:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7162:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "(");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7168:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7182:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, " ");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7200:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = RSearchString(s, "::", strlen(s), true, false);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7276:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileInput.Write(expression, 1, strlen(expression));
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:7431:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:8086:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileInput.Write(definedExp.value, 1, strlen(definedExp.value));
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10228:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:10844:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(templateString);
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12141:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12146:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propNameM, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12871:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(watcherName, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:12917:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass15.ec:13080:28: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propName, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:245:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:296:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1686:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:1878:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2834:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass2.ec:2870:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/ecere-sdk-0.44.15/compiler/libec/src/pass3.ec:412:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(newID);
data/ecere-sdk-0.44.15/compiler/libec/src/shortcuts.ec:180:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileInput.Write(string, 1, strlen(string));
data/ecere-sdk-0.44.15/compiler/libec/src/type.ec:3601:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/ecere-sdk-0.44.15/compiler/libec/src/type.ec:5462:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = constant ? strlen(constant) : 0;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:78:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * d = templateString + strlen(templateString);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:180:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(string[strlen(string)-1] == '(')
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:181:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "*");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:217:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string,"}");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:256:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, " ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:268:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = RSearchString(type.name, "::", strlen(type.name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:280:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "(");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:286:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:327:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(size, "[");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:333:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(size, "]");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:367:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:374:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, " ");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:389:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "(");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:391:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:400:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "(");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:406:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ")");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:507:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:510:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:513:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:522:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:571:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, "/");
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:634:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * name = RSearchString(function.name, "::", strlen(function.name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:671:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * name = RSearchString(((Property)data).name, "::", strlen(((Property)data).name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:731:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:941:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * name = RSearchString(function.name, "::", strlen(function.name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:1199:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = RSearchString(prop.name, "::", strlen(prop.name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2021:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * name = ( name = RSearchString(fn.name, "::", strlen(fn.name), false, false), name ? name + 2 : fn.name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2044:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = ( name = RSearchString(def.name, "::", strlen(def.name), false, false), name ? name + 2 : def.name);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2210:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = RSearchString(prop.name, "::", strlen(prop.name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2433:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(moduleName) - 3;
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2819:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * name = RSearchString(function.name, "::", strlen(function.name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:2917:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * name = RSearchString(((Property)data).name, "::", strlen(((Property)data).name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3018:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * name = RSearchString(function.name, "::", strlen(function.name), true, false);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3079:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
textBlock.textLen = strlen(textBlock.text);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:3374:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4666:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * end = s + strlen(typeName);
data/ecere-sdk-0.44.15/documentor/src/Documentor.ec:4667:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int swapLen = strlen(swap);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:33:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/documentor/tools/ear-to-econ-ecdoc.ec:564:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(moduleName) - 3;
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:65:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "\n");
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:86:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, "\n");
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:151:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File input = FileOpen(path, read);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:265:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
existingFile = existingFilePath + strlen(existingFilePath);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:530:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archivePathLen = strlen(archivePath);
data/ecere-sdk-0.44.15/ear/cmd/ear.ec:806:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
existingFile = existingFilePath + strlen(existingFilePath);
data/ecere-sdk-0.44.15/ear/cmd/emear.ec:23:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, " ");
data/ecere-sdk-0.44.15/ear/cmd/emear.ec:26:26: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(quote) strcat(command, "\"");
data/ecere-sdk-0.44.15/ear/cmd/emear.ec:28:26: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(quote) strcat(command, "\"");
data/ecere-sdk-0.44.15/ear/extract/extract.ec:69:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File input = FileOpen(path, read);
data/ecere-sdk-0.44.15/ear/extract/extract.ec:174:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
if(!output[0]) strcpy(output, ".");
data/ecere-sdk-0.44.15/ear/extract/extract.ec:302:10: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(archive, ":");
data/ecere-sdk-0.44.15/ear/extract/extract.ec:303:10: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(archivePath, ":");
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:14:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsprintf(string+strlen(string),format,args);
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:246:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = key ? strlen(key) : 0;
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:554:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:556:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, "\n");
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:575:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(nodeString);
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:577:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:581:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/ecere/src/com/BTNode.ec:586:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, " ");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:7:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:27:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:52:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:74:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(output, "/");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:79:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:113:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(output, "");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:139:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(rest, string + c, strlen(string + c) + 1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:140:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(rest); c >= 0; c--)
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:153:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:160:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(output, string+c, strlen(string+c)+1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:164:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:175:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int c = strlen(fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:179:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(archiveName, fileName + 1, c - 1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:187:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(archiveName, ":");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:219:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urlFileName = fileName + strlen(fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:328:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName) - 1;
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:382:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:392:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strLen + strlen(directory) > MAX_LOCATION - 3)
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:399:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:439:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urlFileName = fileName + strlen(fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:546:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName) - 1;
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:602:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strLen = strlen(fileName);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:617:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strLen + strlen(directory) > MAX_LOCATION - 3)
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:624:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, "/");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:644:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(destination, path, strlen(path)+1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:678:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(destination);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:687:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(string); c>=0; c--)
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:704:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(output, ".");
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:773:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int subLen = strlen(subStr);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:808:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int subLen = strlen(subStr);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:984:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(output, string + c, strlen(string+c)+1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:991:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(string)-1; c >= 0 && string[c] == ' '; c--);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1028:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1102:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(output, src, strlen(src)+1);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1103:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1240:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set { copyString(value, value ? strlen(value) : 0); }
data/ecere-sdk-0.44.15/ecere/src/com/String.ec:1251:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = value ? strlen(value) : 0;
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:159:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(bytes, _buffer + pos, read);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:160:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pos += read;
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:161:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:635:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(memberString, "f");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:781:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(tempString);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:783:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempString, "\"");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:803:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempString, "\"");
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2040:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2182:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(string)-1;
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2259:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint len = this ? strlen(string) : 0;
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2300:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(newData);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2317:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(newData);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2356:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2382:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*string = renew newString char[strlen(newString)+1];
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2449:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(result);
data/ecere-sdk-0.44.15/ecere/src/com/dataTypes.ec:2468:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = strlen(result);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:176:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if((ch = fgetc(p)) == EOF)
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:227:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nameLen = strlen(name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:232:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathLen = strlen(path);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:271:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nameLen = strlen(name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:293:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathLen = strlen(path);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:297:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nameLen = strlen(name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:343:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nameLen = strlen(name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.c:349:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathLen = strlen(path);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2415:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:2568:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * colons = RSearchString(name, "::", strlen(name), true, false);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3433:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(noTemplateName, name, templateParams - name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3468:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
templatedClass.name = CopyString(templatedClass.fullName + strlen(_class.fullName) - strlen(_class.name));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3468:101: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
templatedClass.name = CopyString(templatedClass.fullName + strlen(_class.fullName) - strlen(_class.name));
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3600:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3606:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ident, paramStart, end + 1 - paramStart);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3696:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3700:30: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
memcpy(value, equal, paramEnd - equal);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3700:48: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
memcpy(value, equal, paramEnd - equal);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3701:33: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
value[paramEnd - equal] = 0;
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3744:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * endQuote = value + strlen(value) - 1;
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:3947:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(templateString);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:4665:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
allocateClass = malloc(strlen(_class.name)+1);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:5618:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(moduleName) - 3;
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6041:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6065:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = (int)strlen(name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6100:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spaceName, name + start, c - start);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6124:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = (int)strlen(name);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6557:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eSystem_RegisterFunction("strlen", "uintsize strlen(const char *)", strlen, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6559:92: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
eSystem_RegisterFunction("strncat", "char * strncat(char *, const char *, uintsize n)", strncat, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:6587:92: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
eSystem_RegisterFunction("strncpy", "char * strncpy(char *, const char *, uintsize n)", strncpy, module, baseSystemAccess);
data/ecere-sdk-0.44.15/ecere/src/com/instance.ec:7349:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(source);
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1838:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1838:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1925:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1925:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1993:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:1993:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2067:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2067:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2135:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2135:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object.name = new char[strlen(block.dummyName) + strlen(model.name) + 2];
data/ecere-sdk-0.44.15/ecere/src/gfx/3D/models/Object3DSFormat.ec:2237:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info.f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/gfx/Bitmap.ec:537:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/gfx/BitmapResource.ec:139:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteTextDots(alignment, x + 24, y + 1, width - 24, string, strlen(string));
data/ecere-sdk-0.44.15/ecere/src/gfx/Color.ec:125:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteTextDots(alignment, x + 24, y + 1, width - 24, string, strlen(string));
data/ecere-sdk-0.44.15/ecere/src/gfx/DisplaySystem.ec:271:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
item.name = new char[strlen(name) + 1];
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:323:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
driver.WriteText(display, this, x,y, text, strlen(text), 0, null);
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:339:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/ecere-sdk-0.44.15/ecere/src/gfx/Surface.ec:398:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteTextDots(alignment, x,y, width, text, strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/BMPFormat.ec:488:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/PCXFormat.ec:320:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/gfx/bitmaps/RGBFormat.ec:24:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32BitmapPrinterDisplayDriver.ec:13:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32BitmapPrinterDisplayDriver.ec:20:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32BitmapPrinterDisplayDriver.ec:281:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Escape(gdiDisplay.hdc, STARTDOC, strlen(docName), docName, null ) > 0)
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32PrinterDisplayDriver.ec:13:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32PrinterDisplayDriver.ec:18:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/Win32PrinterDisplayDriver.ec:301:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(Escape(gdiSystem.hdc, STARTDOC, strlen(docName), docName, null ) > 0)
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/gl_compat_4_4.c:19:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
symbolName = malloc(strlen((const char*)name) + 2);
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec:75:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsLen = value ? strlen(value) : 0;
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec:86:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fsLen = value ? strlen(value) : 0;
data/ecere-sdk-0.44.15/ecere/src/gfx/drivers/gl3/shaders.ec:103:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(file, read);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:60:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = (int)(occurrence - entryName) + strlen((char *)font->elfFullName); ; c++)
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:112:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
linkCfg = FileOpen(linkCfgPath, read);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:123:29: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if(flags.italic) strcat(fileName, "i");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:144:32: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if(flags.italic) strcat(fileName, "i");
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:286:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(faceName);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontManagement.ec:294:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:13:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:24:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ecere/src/gfx/fontRendering.ec:280:58: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File file = FileOpen/*Buffered*/(info.fileName, read);
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:41:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(stringOutput)-1;
data/ecere-sdk-0.44.15/ecere/src/gui/Anchor.ec:129:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(stringOutput)-1;
data/ecere-sdk-0.44.15/ecere/src/gui/Interface.ec:148:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(tab+1),tw;
data/ecere-sdk-0.44.15/ecere/src/gui/Interface.ec:149:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(tab+1, strlen(tab + 1), &tw, null);
data/ecere-sdk-0.44.15/ecere/src/gui/Interface.ec:170:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x+1,y+1, text,strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/Interface.ec:174:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x,y, text, strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/Key.ec:31:37: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case keyPadPlus: return equal | result;
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:949:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(caption, "[");
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:960:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(caption, "]");
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:8454:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
caption = new char[strlen(value)+1];
data/ecere-sdk-0.44.15/ecere/src/gui/Window.ec:10056:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(string)-1;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Button.ec:136:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(text, strlen(text),&tw, &th);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Button.ec:347:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteTextDots(alignment, x, y, width, text, strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Button.ec:671:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(font,text,strlen(text), &captionWidth, &captionHeight);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:877:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(line.buffer)+1;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:883:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lineLen = strlen(line.buffer);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:1202:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keyLen[g][c] = strlen(keyWords[g][c]);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:5326:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this.lines.last, this.lines.count-1, strlen(((EditLine)this.lines.last).buffer));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6396:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Select((void *)line,num,string - line.buffer,(void *)line,num,string - line.buffer + strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6421:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int searchLen = strlen(text);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6427:94: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Select((void *)line,y,string - line.buffer,(void *)line,y,string - line.buffer + strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6517:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(;read < count && line; line = (*&line.next))
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6519:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int numBytes = Min(count - read, (*&line.count) - x);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6522:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(buffer + read, (*&line.buffer) + x, numBytes);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6534:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read < count)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6553:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pos += read;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6554:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read / size;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6575:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(;read < pos && line; line = (*&line.next))
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6577:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int numBytes = Min(pos - read, (*&line.count) - x);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6590:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read < pos)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6600:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read<pos)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6606:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this.pos += read;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6611:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for(;read < pos && line; line = (*&line.prev))
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6613:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int numBytes = Min(pos - read, x);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6626:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read < pos)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6636:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read<pos)
data/ecere-sdk-0.44.15/ecere/src/gui/controls/EditBox.ec:6642:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this.pos -= read;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Label.ec:87:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(fontObject, string, strlen(string), &width, &height);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Label.ec:148:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(caption, strlen(caption), &tw, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:172:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(boldFont, header, strlen(header), &width, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:189:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(row.header ? boldFont : font, string, strlen(string), &tw, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1623:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = subString ? strlen(subString) : 0;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1658:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = subString ? strlen(subString) : 0;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1683:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int stringLen = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:1710:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = subString ? strlen(subString) : 0;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:2660:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(field.header, strlen(field.header), &tw, &th);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:3159:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(row.header ? boldFont : font, string, strlen(string), &tw, &th);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ListBox.ec:4157:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = keyHit ? 0 : strlen(typedString);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:99:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(accelString, "0");
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:102:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
accelString[strlen(accelString)] = (char)('1' + value.code - k1);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:103:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
accelString[strlen(accelString)+1] = 0;
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:111:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(accelString);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:120:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(text);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:122:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newText = new char[length+strlen(accelString)+1];
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:818:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FontExtent(display, fontObject, ITEM_TEXT(nextItem), strlen(ITEM_TEXT(nextItem)), &len, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:828:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FontExtent(display, fontObject, ITEM_TEXT(item), strlen(ITEM_TEXT(item)), &len, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:965:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FontExtent(display, fontObject, ITEM_TEXT(nextItem), strlen(ITEM_TEXT(nextItem)), &len, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:976:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FontExtent(display, fontObject, text, text ? strlen(text) : 0, &len, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:1119:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(ITEM_TEXT(nextItem), strlen(ITEM_TEXT(nextItem)), &len, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:1243:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(ITEM_TEXT(item), strlen(ITEM_TEXT(item)), &len, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:1611:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FontExtent(display, font,ITEM_TEXT(item),strlen(ITEM_TEXT(item)),&width, &height);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Menu.ec:1641:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FontExtent(display, font,menu.text,strlen(menu.text),&width, &height);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:197:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(browsePath, browseDialog.filePath, MAX_LOCATION); browsePath[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ecere/src/gui/controls/PathBox.ec:211:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(browsePath, path, MAX_LOCATION); browsePath[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ecere/src/gui/controls/Picture.ec:176:18: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case equal:
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ProgressBar.ec:38:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(text, strlen(text), &w, &h);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/ProgressBar.ec:39:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(Max(pos - w, 0), (clientSize.h - h) / 2, text, strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/StatusBar.ec:127:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(field.text, strlen(field.text), &tw, null);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/StatusBar.ec:218:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(value);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/TabControl.ec:165:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(text, strlen(text),&tw, &th);
data/ecere-sdk-0.44.15/ecere/src/gui/controls/TabControl.ec:173:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteTextDots(alignment, x, y, width, text, strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/controls/TabControl.ec:343:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size.w - (buttonsSize + border + 4), name, strlen(name));
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ColorPicker.ec:689:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(control.contents) <= 6)
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:195:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(alignment, x + textOffset, y + 2, width - textOffset, name, strlen(name));
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:219:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(newData.name) + 1;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:227:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string) + 1;
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:741:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
totalLen += strlen(fileName->name);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:754:44: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(item != selection.first) strcat(*selectedFileName, " ");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:755:40: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(selection.count > 1) strcat(*selectedFileName, "\"");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:773:40: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(selection.count > 1) strcat(*selectedFileName, "\"");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:800:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*selectedFileName = new char[strlen(fileName->name) + 1];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:943:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat((char *)customFilter.extensions, ".");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:993:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
selection = OldLink { data = new char[strlen(currentFileName)+1] };
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1032:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*path = new char[strlen(currentFileName)+1];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1155:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirOccur += strlen(currentDirectory);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1269:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
selectedFileName = new char[strlen(fileName)+1];
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/FileDialog.ec:1452:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(currentDirectory, "/");
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/MessageBox.ec:29:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(value);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/MessageBox.ec:169:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(fontObject, line.string, strlen(line.string), (int *)&size.w, (int *)&size.h);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec:121:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this.x += strlen(replaceString) - (newSel2X - newSel1X);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec:306:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
searchLen = strlen(searchString);
data/ecere-sdk-0.44.15/ecere/src/gui/dialogs/ReplaceDialog.ec:307:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
replaceLen = strlen(replaceString);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:170:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read(msgread, &cmd, sizeof(cmd)) == sizeof(cmd))
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/AndroidInterface.ec:854:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clipBoard.text = new char[strlen(clipBoardData)+1];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/EmscriptenInterface.ec:389:33: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case 187: case 61: key = equal; break; // FF: 61
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/NCursesInterface.ec:46:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
space,k1,quote,k3,k4,k5,k7,quote,k9,k0,k8,equal,comma,minus,period,slash,
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/NCursesInterface.ec:47:60: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
k0,k1,k2,k3,k4,k5,k6,k7,k8,k9,semicolon,semicolon,comma,equal,period,slash,
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:767:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case XK_equal: key = equal; break;
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:1967:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req->target/*req->_property*/,8,PropModeReplace, (byte *) clipBoardData, strlen(clipBoardData));
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:2605:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atoms[utf8_string], 8, PropModeReplace, (byte *)window.caption, caption ? strlen(caption) : 0);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:2607:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atoms[utf8_string], 8, PropModeReplace, (byte *)window.caption, caption ? strlen(caption) : 0);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:2914:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atoms[utf8_string], 8, PropModeReplace, (byte *)name, name ? strlen(name) : 0);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:2916:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atoms[utf8_string], 8, PropModeReplace, (byte *)name, name ? strlen(name) : 0);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:3398:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clipBoard.text = new char[strlen(clipBoardData)+1];
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:3444:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(clipBoard.text, (char *)data, size);
data/ecere-sdk-0.44.15/ecere/src/gui/drivers/XInterface.ec:3510:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(joystickFD[device] && read(joystickFD[device], &js, JS_RETURN) == JS_RETURN)
data/ecere-sdk-0.44.15/ecere/src/gui/skins/AquaSkin.ec:639:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size.w - (buttonsSize + border + NAME_OFFSETX /*4*/), name, strlen(name));
data/ecere-sdk-0.44.15/ecere/src/gui/skins/TVisionSkin.ec:243:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(name) * textCellW >= w - 8 * textCellW)
data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec:5:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec:9:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec:413:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size.w - (buttonsSize + border + 4), name, strlen(name));
data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec:650:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(text, strlen(text),&tw, &th);
data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec:837:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(text, strlen(text),&tw, &th);
data/ecere-sdk-0.44.15/ecere/src/gui/skins/WindowsSkin.ec:863:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteTextDots(alignment, x, y, width, text, strlen(text));
data/ecere-sdk-0.44.15/ecere/src/gui/typeEdit.ec:92:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:175:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!strnicmp(string, "chunked", strlen("chunked")))
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:195:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:211:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:219:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!strnicmp(string, "close", strlen("close")))
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:228:22: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(file.relocation, (const char *)buffer + 10, c - 10);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:253:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:300:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read = Min(read, file.chunkSize);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:301:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file.chunkSize -= read;
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:303:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read)
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:305:60: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(file.buffer + file.bufferCount, buffer, read);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:306:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file.bufferCount += read;
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:308:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:378:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(relocation && !fileName && name[strlen(name)-1] != '/')
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:382:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(relocation, "/");
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:522:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:554:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:726:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(!eof && read < readSize && !aborted)
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:729:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
numbytes = Min(numbytes, readSize - read);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:736:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(buffer + read, this.buffer + bufferPos, numbytes);
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:769:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read / size;
data/ecere-sdk-0.44.15/ecere/src/net/HTTPFile.ec:780:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return !eof && read != 0;
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:67:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static enum NetworkClientPacketType { open, close, read, getSize };
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:485:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fileName);
data/ecere-sdk-0.44.15/ecere/src/net/NetworkClientFile.ec:499:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
XDWORD(NetworkClientPacketType::read),
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:386:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return Send(string, (int)strlen(string));
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:397:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = Send(string, (int)strlen(string));
data/ecere-sdk-0.44.15/ecere/src/net/Socket.ec:575:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this.address = new char[strlen(address)+1];
data/ecere-sdk-0.44.15/ecere/src/net/dcom.ec:622:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)(strlen(_class.name) + 4 - strlen("DCOMClient_"));
data/ecere-sdk-0.44.15/ecere/src/net/dcom.ec:622:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)(strlen(_class.name) + 4 - strlen("DCOMClient_"));
data/ecere-sdk-0.44.15/ecere/src/net/dcom.ec:628:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CopyBytes(packet.className + 4, _class.name + strlen("DCOMClient_"), len-4+1);
data/ecere-sdk-0.44.15/ecere/src/sys/Archive.ec:51:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File file = ::FileOpen(path, read);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:65:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint read;
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:71:63: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(bufferPos + readCount - bufferCount > read && (bufferPos + readCount - bufferCount < bufferCount))
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:79:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(bufferCount + read > bufferSize)
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:92:65: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read = handle.Read(this.buffer + bufferCount, 1, read);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:94:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bufferCount += read;
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:95:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(!read)
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:192:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:224:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read < bufferCount * 2)
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:226:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read > bufferSize)
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:234:71: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read = handle.Read(this.buffer + bufferCount, 1, read);
data/ecere-sdk-0.44.15/ecere/src/sys/BufferedFile.ec:236:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bufferCount += read;
data/ecere-sdk-0.44.15/ecere/src/sys/Date.ec:202:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len[count] = strlen(value);
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:106:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int read;
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:107:71: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dp->eof = !ReadFile(dp->inputHandle, buffer, size*count, (DWORD *)&read, null);
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:108:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read / size;
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:111:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fileno(dp->input), buffer, size * count);
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:131:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int read;
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:132:58: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dp->eof = !ReadFile(dp->inputHandle, ch, 1, (DWORD *)&read, null);
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:133:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return !dp->eof && read != 0;
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:152:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:210:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned int read;
data/ecere-sdk-0.44.15/ecere/src/sys/DualPipe.c:212:65: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dp->eof = !ReadFile(dp->inputHandle, buffer, 0, (DWORD *)&read, null);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:56:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen("resources.ear", read);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:60:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(moduleName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:63:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(archive, read);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:812:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry.nameLen = strlen(namePart);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:955:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newEntry.nameLen = strlen(newName);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1110:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry.nameLen = strlen(name);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1255:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CopyBytes(buffer, this.buffer + position, read * size);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1257:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read = f.Read(buffer, size, read);
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1258:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
position += read * size;
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1259:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1357:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(mode == read)
data/ecere-sdk-0.44.15/ecere/src/sys/EARArchive.ec:1603:129: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if((archive.f = fileName ? (flags.buffered ? FileOpenBuffered : FileOpen)(fileName, flags.writeAccess ? readWrite : read) : TempFile { openMode = readWrite } ))
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:137:25: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
volumePathName[wcslen(volumePathName)-1] = 0;
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:458:27: [1] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant
character.
if(dir[0]) wcscat(dir, L"\\");
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:467:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parent, "\\");
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:481:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parent, "\\");
data/ecere-sdk-0.44.15/ecere/src/sys/File.c:540:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(parent, "\\");
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:9:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:78:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:263:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(string, read);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:271:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Write(buffer, 1, read);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:340:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f.Write(buffer, 1, read);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:492:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ich = fgetc(input);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:588:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = strlen(text);
data/ecere-sdk-0.44.15/ecere/src/sys/File.ec:1260:28: [1] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant
character.
if(path[0]) wcscat(dir, L"\\");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:7:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:10:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:277:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(settingsDirectory);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:292:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = new char[strlen(settingsName) + strlen(extension) + 4];
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:292:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * name = new char[strlen(settingsName) + strlen(extension) + 4];
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:295:16: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(name, ".");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:304:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, ".");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:331:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(settingsFilePath, read);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:586:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenSection = strlen(section);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:587:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenName = strlen(name);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:645:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenSection = strlen(section);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:646:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenName = strlen(name);
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:656:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outputLine, "=");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:666:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outputLine, "\"");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:669:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outputLine, "\"");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:672:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outputLine, ",");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:693:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(outputLine, "\n");
data/ecere-sdk-0.44.15/ecere/src/sys/GlobalAppSettings.ec:695:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenOutput = strlen(outputLine);
data/ecere-sdk-0.44.15/ecere/src/sys/JSON.ec:1305:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:137:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(location, path, c);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:157:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
locationLen = strlen(location);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:189:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(location, path, c);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:209:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
locationLen = strlen(location);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:274:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(envValue, result, max);
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:314:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(!wait) strcat(commandLine, "&");
data/ecere-sdk-0.44.15/ecere/src/sys/System.c:354:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filePath);
data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec:27:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(buffer) memcpy(buffer, this.buffer + position, read);
data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec:29:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
position += read;
data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec:31:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read / size;
data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec:60:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return !eof && read != 0;
data/ecere-sdk-0.44.15/ecere/src/sys/TempFile.ec:71:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:83:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:90:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:95:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:100:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:110:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:117:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:122:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/i18n.ec:127:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ecere/src/sys/unicode.ec:403:79: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen("<:ecere>unicode/derivedGeneralCategoryStripped.txt", read);
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:518:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(value);
data/ecere-sdk-0.44.15/eda/drivers/MySQL.ec:549:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, dFld.myFlds[dFld.fldsPos].org_name, dFld.myFlds[dFld.fldsPos].org_name_length);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:72:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(ub4)strlen((char *)command),
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:170:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = OCIServerAttach(srv, err, name, strlen(name), (ub4) OCI_DEFAULT);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:174:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OCIAttrSet(ses, OCI_HTYPE_SESSION, ds.user, strlen(ds.user), OCI_ATTR_USERNAME, err);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:175:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OCIAttrSet(ses, OCI_HTYPE_SESSION, ds.pass, strlen(ds.pass), OCI_ATTR_PASSWORD, err);
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:323:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(ub4)strlen((char *)command),
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:572:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(ub4)strlen((char *)command),
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:598:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullOrder, "\0");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:611:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(order, "`");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:613:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(order, "`");
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:651:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(ub4)strlen((char *)command),
data/ecere-sdk-0.44.15/eda/drivers/oracle/EDAOracle.ec:1185:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int numBytes = strlen(sqlFld.p_sli);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:703:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text(context, (char *)data, strlen((char *)data), SQLITE_TRANSIENT);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:964:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(indexName, "_");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:974:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(indexName, ".");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1052:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(order, "`");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1054:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(order, "`");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1367:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = sqlite3_bind_text(statement, pos, (char *)data, strlen((char *)data), SQLITE_TRANSIENT);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1410:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(where, "`");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1515:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1535:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1547:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1556:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1610:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1630:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1642:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1651:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, ";");
data/ecere-sdk-0.44.15/eda/drivers/sqlite/EDASQLite.ec:1917:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = sqlite3_bind_text(queryStatement, paramID, (char *)data, strlen((char *)data), SQLITE_TRANSIENT);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2244:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2306:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(p->in);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2317:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(p->in);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2351:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(p->in);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2380:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(p->in);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2387:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(p->in);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2413:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nTable = (int)strlen(zTable);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:2434:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = (int)strlen(zInsert);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3442:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n2 = (int)strlen(zMode);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3566:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mainPrompt,azArg[1],(int)ArraySize(mainPrompt)-1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:3569:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(continuePrompt,azArg[2],(int)ArraySize(continuePrompt)-1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4139:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(azArg[3]));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4151:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
azArg[3], (int)strlen(azArg[3]),
data/ecere-sdk-0.44.15/eda/drivers/sqlite/shell.c:4164:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
azArg[3], (int)strlen(azArg[3]),
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:25348:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return 0x3fffffff & (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:27677:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
{ "read", (sqlite3_syscall_ptr)read, 0 },
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:28195:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(zAbsoluteName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:30794:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(ii=(int)strlen(zDirname); ii>0 && zDirname[ii]!='/'; ii--);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:31550:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nShmFilename = 6 + (int)strlen(zBasePath);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:32626:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nFilename = (int)strlen(zFilename) + 6;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33001:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( (flags & SQLITE_OPEN_URI) || zName[strlen(zName)+1]==0 );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33014:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( zName[strlen(zName)+1]==0 );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33475:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(microseconds);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33776:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbLen = (int)strlen(dbPath);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:33797:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(lockPath);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34053:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000); /* wait 0.5 sec and try the lock again*/
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34079:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000000); /* wait 10 sec and try the lock again */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34228:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeSize = PROXY_PATHINDEX + strlen(&writeBuffer[PROXY_PATHINDEX]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34359:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(dbPath); /* Length of database filename - dbPath */
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34385:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( (int)strlen(conchPath) == len+7 );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34435:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( (int)strlen((char*)pFile->lockingContext)<=MAXPATHLEN );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34443:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen((char *)pFile->lockingContext) - strlen(DOTLOCK_SUFFIX);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34443:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen((char *)pFile->lockingContext) - strlen(DOTLOCK_SUFFIX);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:34447:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( strlen((char*)pFile->lockingContext)<=MAXPATHLEN );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:120668:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( zAff==0 || (int)strlen(zAff)>=nEq );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:138783:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nRet = 2 + (int)strlen(zInput)*2 + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139054:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nStr += (int)strlen(zCol) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139065:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = (int)strlen(zCol)+1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139131:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( strlen(argv[0])==4 );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139136:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nDb = (int)strlen(argv[1]) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139137:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = (int)strlen(argv[2]) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139171:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(z)>8
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139210:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(zVal)!=4 || sqlite3_strnicmp(zVal, "fts3", 4) ){
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139236:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (strlen(zVal)!=3 || sqlite3_strnicmp(zVal, "asc", 3))
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139237:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (strlen(zVal)!=4 || sqlite3_strnicmp(zVal, "desc", 4))
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139270:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nString += (int)(strlen(z) + 1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139393:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = (int)strlen(p->azColumn[iCol]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:139396:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( zNot && n==(int)strlen(zNot)
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:143994:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nDb = (int)strlen(zDb);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:143998:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nDb = (int)strlen(zDb);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:144006:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nFts3 = (int)strlen(zFts3);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:144990:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nStr = (int)strlen(zStr);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:145450:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:145876:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( nKey<=0 ) nKey = (int) strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:146267:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c->nInput = (int)strlen(zInput);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:146729:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*pnOut = i = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:146998:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zEnd = &zCopy[strlen(zCopy)];
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147008:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = (sqlite3_tokenizer_module *)sqlite3Fts3HashFind(pHash,z,(int)strlen(z)+1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147414:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, n = (int)strlen(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147466:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c->nBytes = (int)strlen(pInput);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147658:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nName = (int)strlen(zName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147696:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nByte += (int)(strlen(argv[i]) + 1);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:147705:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = (int)strlen(argv[i]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:153844:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nStr = (int)strlen(zMatchinfo);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:154309:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nAppend = (int)strlen(zAppend);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:155653:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:155705:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pCsr->nInput = (int)strlen(aInput);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:157758:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (idxStr && (int)strlen(idxStr)==argc*2) );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159387:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nDb = (int)strlen(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159388:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = (int)strlen(argv[2]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159485:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nCell = (int)strlen(zCell);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:159494:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nCell = (int)strlen(zCell);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:160266:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(argv[0])+1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:160322:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nInput = strlen(zInput);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:161768:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( zIn && strlen(zIn)>4 && memcmp("data", zIn, 4)==0 ){
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:161919:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nCopy = strlen(zStr) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:162472:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (int)strlen(zMask)!=pIter->nTblCol ){
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163967:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nTarget = strlen(zTarget);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163968:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nRbu = strlen(zRbu);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:163969:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nState = zState ? strlen(zState) : 0;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:164109:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nErrmsg = strlen(p->zErrmsg);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:164694:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = (int)strlen(zName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:164720:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nCopy = strlen(zName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:164954:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = strlen(zName);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:165956:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->nUsed += (int)strlen(p->zBuf+p->nUsed);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:167585:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jsonAppendRaw(&x, p->zRoot, (int)strlen(p->zRoot));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:170618:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( n<0 ) n = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171126:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nStr = (int)strlen(zStr);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171311:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nIn = (int)strlen(pIn);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171643:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nEnum = (int)strlen(zEnum);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171675:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nCmd = (int)strlen(zCmd);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171731:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nArg = (int)strlen(zArg) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:171861:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nIn = (int)strlen(zIn);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:173149:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pExpr->pIndex, p->zTerm, (int)strlen(p->zTerm),
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:173953:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:174021:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = fts5ParseTokenize((void*)&sCtx, tflags, zTerm, (int)strlen(zTerm),
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:174318:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nByte += (int)strlen(pTerm->zTerm) * 2 + 3 + 2;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:174788:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nTerm = strlen(pTerm->zTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:175117:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iHash = fts5HashKey(nNew, (u8*)p->zKey, (int)strlen(p->zKey));
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:175457:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nTerm = (int)strlen(p->zKey);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:177323:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3Fts5BufferSet(&p->rc,&pIter->term, (int)strlen(zTerm), (u8*)zTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:177403:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3Fts5BufferSet(&p->rc, &pIter->term, (int)strlen(zTerm),
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:177834:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (z ? (int)strlen((const char*)z) : 0);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:179827:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fts5WriteAppendTerm(p, &writer, (int)strlen(zTerm), (const u8*)zTerm);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184188:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = (int)strlen(zName) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184226:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = (int)strlen(zName) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184781:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iOff = (int)strlen(zDefn);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:184784:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iOff += (int)strlen(&zDefn[iOff]);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:185855:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186192:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( strlen(p->zSuffix)==p->nSuffix );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:186193:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( strlen(p->zOutput)==p->nOutput );
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:187728:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bDb = (argc==6 && strlen(argv[1])==4 && memcmp("temp", argv[1], 4)==0);
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:187738:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nDb = (int)strlen(zDb)+1;
data/ecere-sdk-0.44.15/eda/drivers/sqlite/sqlite3.c:187739:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nTab = (int)strlen(zTab)+1;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:25569:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
{ "read", (sqlite3_syscall_ptr)read, 0 },
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:25634:42: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
{ "umask", (sqlite3_syscall_ptr)umask, 0 },
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:26052:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(zAbsoluteName);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:28558:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(ii=(int)strlen(zDirname); ii>1 && zDirname[ii]!='/'; ii--);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:29219:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nShmFilename = 6 + (int)strlen(pDbFd->zPath);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30045:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nFilename = (int)strlen(zFilename) + 6;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30152:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (strlen(zDir) + strlen(SQLITE_TEMP_FILE_PREFIX) + 18) >= (size_t)nBuf ){
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30152:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (strlen(zDir) + strlen(SQLITE_TEMP_FILE_PREFIX) + 18) >= (size_t)nBuf ){
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30158:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = (int)strlen(zBuf);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30421:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( (flags & SQLITE_OPEN_URI) || zName[strlen(zName)+1]==0 );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30434:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( zName[strlen(zName)+1]==0 );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30701:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nCwd = (int)strlen(zOut);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:30830:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(microseconds);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31124:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbLen = (int)strlen(dbPath);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31145:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(lockPath);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31400:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000); /* wait 0.5 sec and try the lock again*/
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31426:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000000); /* wait 10 sec and try the lock again */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31573:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeSize = PROXY_PATHINDEX + strlen(&writeBuffer[PROXY_PATHINDEX]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31704:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(dbPath); /* Length of database filename - dbPath */
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31730:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( (int)strlen(conchPath) == len+7 );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31780:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( (int)strlen((char*)pFile->lockingContext)<=MAXPATHLEN );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31787:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen((char *)pFile->lockingContext) - strlen(DOTLOCK_SUFFIX);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31787:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen((char *)pFile->lockingContext) - strlen(DOTLOCK_SUFFIX);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:31791:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( strlen((char*)pFile->lockingContext)<=MAXPATHLEN );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:36123:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zUtf8Name[strlen(zUtf8Name)+1]==0 );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119459:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nRet = 2 + (int)strlen(zInput)*2 + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119715:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nStr += (int)strlen(zCol) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119726:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = (int)strlen(zCol)+1;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119790:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert( strlen(argv[0])==4 );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119795:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nDb = (int)strlen(argv[1]) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119796:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = (int)strlen(argv[2]) + 1;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119820:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(z)>8
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119858:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(zVal)!=4 || sqlite3_strnicmp(zVal, "fts3", 4) ){
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119884:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (strlen(zVal)!=3 || sqlite3_strnicmp(zVal, "asc", 3))
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119885:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (strlen(zVal)!=4 || sqlite3_strnicmp(zVal, "desc", 4))
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:119913:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nString += (int)(strlen(z) + 1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:124139:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nDb = (int)strlen(zDb);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:124141:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nFts3 = (int)strlen(zFts3);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125058:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nStr = (int)strlen(zStr);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125331:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:125647:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( nKey<=0 ) nKey = (int) strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126036:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c->nInput = (int)strlen(zInput);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126482:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*pnOut = i = (int)strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126740:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zEnd = &zCopy[strlen(zCopy)];
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:126746:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = (sqlite3_tokenizer_module *)sqlite3Fts3HashFind(pHash,z,(int)strlen(z)+1);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:127145:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, n = (int)strlen(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:127197:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c->nBytes = (int)strlen(pInput);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:133199:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nAppend = (int)strlen(zAppend);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:133876:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nArg = (int)strlen(zArg);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:134463:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(z);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:134515:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pCsr->nInput = (int)strlen(aInput);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:136285:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (idxStr && (int)strlen(idxStr)==argc*2) );
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138109:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nDb = (int)strlen(argv[1]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138110:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = (int)strlen(argv[2]);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138205:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nCell = (int)strlen(zCell);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138214:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nCell = (int)strlen(zCell);
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138913:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(argv[0])+1;
data/ecere-sdk-0.44.15/eda/drivers/sqliteCipher/sqlite3.c:138969:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nInput = strlen(zInput);
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:24:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fileName = new char[strlen(name)+strlen(ext)+8];
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:24:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fileName = new char[strlen(name)+strlen(ext)+8];
data/ecere-sdk-0.44.15/eda/libeda/src/DirFilesDataSource.ec:30:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, ".");
data/ecere-sdk-0.44.15/eda/libeda/src/EDA.ec:508:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint len = strlen(query);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:226:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(indexName, ".");
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:733:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(indexName, ".");
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1192:160: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
((void (*)(void *, void *, void *))(void *)type._vTbl[__ecereVMethodID_class_OnUnserialize])(type, (type.type == structClass) ? (void *)(intptr)read : &read, f);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1192:168: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
((void (*)(void *, void *, void *))(void *)type._vTbl[__ecereVMethodID_class_OnUnserialize])(type, (type.type == structClass) ? (void *)(intptr)read : &read, f);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1197:129: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(type.type == systemClass || type.type == bitClass || type.type == enumClass || type.type == unitClass) ? &read : (void *)(intptr)read, data);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1197:152: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(type.type == systemClass || type.type == bitClass || type.type == enumClass || type.type == unitClass) ? &read : (void *)(intptr)read, data);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1199:113: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
((void (*)(void *, void *))(void *)type._vTbl[__ecereVMethodID_class_OnFree])(type, (void *)(intptr)read);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1202:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void * dataPtr = (void *)(intptr)read;
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1396:163: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
((void (*)(void *, void *, void *))(void *)type._vTbl[__ecereVMethodID_class_OnUnserialize])(type, (type.type == structClass) ? (void *)(intptr)read : &read, f);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1396:171: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
((void (*)(void *, void *, void *))(void *)type._vTbl[__ecereVMethodID_class_OnUnserialize])(type, (type.type == structClass) ? (void *)(intptr)read : &read, f);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1401:132: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(type.type == systemClass || type.type == bitClass || type.type == enumClass || type.type == unitClass) ? &read : (void *)(intptr)read,
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1401:155: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(type.type == systemClass || type.type == bitClass || type.type == enumClass || type.type == unitClass) ? &read : (void *)(intptr)read,
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1404:116: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
((void (*)(void *, void *))(void *)type._vTbl[__ecereVMethodID_class_OnFree])(type, (void *)(intptr)read);
data/ecere-sdk-0.44.15/eda/libeda/src/EDB.ec:1407:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void * dataPtr = (void *)(intptr)read;
data/ecere-sdk-0.44.15/eda/libeda/src/gui.ec:269:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(contents);
data/ecere-sdk-0.44.15/eda/libeda/src/gui.ec:285:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
editBox.SetSelPos(line, 0, len, line, 0, strlen(string));
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:91:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = text ? strlen(text) : 0;
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:982:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = searchString ? strlen(searchString) : 0;
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1013:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c = strlen(fn)-2; c > 0; c--)
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1340:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpenBuffered(filePath, read);
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1765:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpenBuffered(filePath, read);
data/ecere-sdk-0.44.15/eda/libeda/src/gui/TableEditor.ec:1842:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AddWord(asciiWord, strlen(asciiWord), method == allSubstrings, id);
data/ecere-sdk-0.44.15/eda/libeda/src/idList.ec:83:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * trimmed = new char[strlen(string) + 1];
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:169:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int argLen = strlen(argv[c]);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:187:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int argLen = strlen(argv[c]);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:225:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int argLen = strlen(arg);
data/ecere-sdk-0.44.15/epj2make/epj2make.ec:277:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ideConfig.compilers.read(settingsContainer);
data/ecere-sdk-0.44.15/extras/CSVDataParser.ec:53:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer.size = strlen(s) * 3 + 1;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:118:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(; *var; var += strlen(var) + 1) // strlen vs lstrlen
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:122:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal && equal != var)
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:122:25: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal && equal != var)
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:129:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(varName, var, nameLen);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:170:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dollarStyleRefIdLen = strlen(varName)+3;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:175:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
percentStyleRefIdLen = strlen(varName)+2;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:187:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
afterLen = strlen(dollarStyleRef);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:188:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oldValLen = oldValue ? strlen(oldValue) : 0;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:190:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mergedValue, varValue, beforeLen);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:203:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
afterLen = strlen(percentStyleRef);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:204:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oldValLen = oldValue ? strlen(oldValue) : 0;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:206:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mergedValue, varValue, beforeLen);
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:236:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*env = new char [strlen(node.key) + strlen(node.value) + 2];
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:236:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*env = new char [strlen(node.key) + strlen(node.value) + 2];
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:246:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(node.key) + strlen(node.value) + 2;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:246:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(node.key) + strlen(node.value) + 2;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:255:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string += strlen(node.key) + strlen(node.value) + 2;
data/ecere-sdk-0.44.15/extras/EnvironmentVariables.ec:255:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string += strlen(node.key) + strlen(node.value) + 2;
data/ecere-sdk-0.44.15/extras/SMTPSocket.ec:69:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
socket.Send(buffer, read);
data/ecere-sdk-0.44.15/extras/fli.ec:241:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpenBuffered(fileName, read);
data/ecere-sdk-0.44.15/extras/gui/LicensesDialog.ec:26:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(value, read);
data/ecere-sdk-0.44.15/extras/gui/controls/PasswordBox.ec:15:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(backup);
data/ecere-sdk-0.44.15/extras/gui/skins/SimSkin.ec:141:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size.w - (buttonsSize + border + 4), name, (int)strlen(name));
data/ecere-sdk-0.44.15/extras/gui/skins/SimSkin.ec:800:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(text, (int)strlen(text),&tw, &th);
data/ecere-sdk-0.44.15/extras/gui/skins/SimSkin.ec:814:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteTextDots(alignment, x, y, width, text, (int)strlen(text));
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:149:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file = FileOpen(path, read);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:524:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(location && path[strlen(path)-1] != '/')
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:585:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File file = FileOpen(path, read);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:774:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = (HTTPFile)FileOpen(location, read);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:813:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(path[strlen(path)-1] != '/')
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:913:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subBlock.textLen = strlen(fn);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1425:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(newLocation[strlen(newLocation)-1] != '/')
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1468:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(location[strlen(location)-1] != '?')
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1470:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(location, "&");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1473:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(location, "=");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1475:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(location);
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1516:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(newLocation[strlen(newLocation)-1] != '/')
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1526:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newLocation, "?");
data/ecere-sdk-0.44.15/extras/html/HTMLView.ec:1531:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newLocation, "=");
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:108:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(input);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:207:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(input);
data/ecere-sdk-0.44.15/extras/html/htmlParser.ec:427:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(keyWord[0] != '#' || strlen(keyWord) <= 7)
data/ecere-sdk-0.44.15/extras/stringTools.ec:41:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/extras/stringTools.ec:44:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/extras/stringTools.ec:81:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/extras/stringTools.ec:84:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/ecere-sdk-0.44.15/extras/tiles/sequence.ec:67:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/extras/tiles/sequence.ec:165:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/extras/tiles/sprite.ec:42:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(sizefile, read);
data/ecere-sdk-0.44.15/extras/types/Currency.ec:29:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(number);
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:23:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(value) + 1;
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:45:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:81:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
privateCommonCopyLenSingleBlankReplTrim(s, replace, trim, strlen(s));
data/ecere-sdk-0.44.15/extras/types/DynamicString.ec:86:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
privateCommonCopyLenSingleBlankReplTrim(s, replace, trim, Min(strlen(s), copyLen));
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:291:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:312:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c += strlen(vars[v]);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:326:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(c=0; c<parts.count; c++) len += strlen(parts[c]);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:371:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:505:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(recentFilesMonitor.fileName, read);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:511:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
recentFiles.read(this);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:527:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(recentProjectsMonitor.fileName, read);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:533:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
recentProjects.read(this);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:600:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(defaultConfigFilePath, read);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:829:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CompilerConfig ccfg = CompilerConfig::read(path);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:861:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
else if((sf = SafeFile::open(path, read)))
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:894:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(mode == write || mode == read)
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1342:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(IDESettingsContainer settingsContainer)
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:1377:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(IDESettingsContainer settingsContainer)
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2000:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CompilerConfig ::read(const char * path)
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2111:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(IDESettingsContainer settingsContainer)
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2232:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lang, language, sizeof(lang));
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2240:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lang, language, sizeof(lang));
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2260:90: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueExW(key, L"ECERE_LANGUAGE", 0, REG_EXPAND_SZ, (byte *)wLanguage, (uint)(wcslen(wLanguage)+1) * 2);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2270:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int arg0Len = (int)strlen(app.argv[0]);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2313:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, " ");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2360:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, " ");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2363:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(command);
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2405:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, " ");
data/ecere-sdk-0.44.15/ide/src/IDESettings.ec:2408:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(command);
data/ecere-sdk-0.44.15/ide/src/OldIDESettings.ec:129:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(configName);
data/ecere-sdk-0.44.15/ide/src/OldIDESettings.ec:240:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(compiler.name);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:136:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * projectName = new char[strlen(project.topNode.name) + 1];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:140:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * label = new char[strlen(dialogTitle) + 3 + strlen(project.topNode.name) + 3 +
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:140:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * label = new char[strlen(dialogTitle) + 3 + strlen(project.topNode.name) + 3 +
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:141:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nodeName) + 2 + strlen(config) + 1 + strlen(platform) + 1 + 1];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:141:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nodeName) + 2 + strlen(config) + 1 + strlen(platform) + 1 + 1];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:141:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nodeName) + 2 + strlen(config) + 1 + strlen(platform) + 1 + 1];
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:152:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(config) || strlen(platform))
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:152:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(config) || strlen(platform))
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:155:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(config))
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:157:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(config) && strlen(platform))
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:157:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(config) && strlen(platform))
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:158:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(label, "/");
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:159:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(platform))
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:161:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(label, ")");
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:939:135: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
property const char * switchToKeep { set { ((StringListBox)editor).switchToKeep = value; ((StringListBox)editor).lenSwitchToKeep = strlen(value); } };
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:990:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(path);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1005:10: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(path, ".");
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1006:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(path);
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1016:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
property const char * switchToKeep { set { switchToKeep = value; lenSwitchToKeep = strlen(value); } };
data/ecere-sdk-0.44.15/ide/src/ProjectSettings.ec:1036:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * buffer = new char[strlen(d)+64];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:23:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen _strlen
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:37:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:126:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(p);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:137:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:145:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(string);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:158:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(string);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:229:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:234:20: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
item.value = equal;
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1672:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string,"\n");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1768:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(path, read);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1777:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
moduleLoadLine = !strncmp(line, "eModule_Load", strlen("eModule_Load"));
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:1780:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(moduleLoadBlock && !moduleLoadLine && strlen(line) > 0)
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3023:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(value);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3038:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ISO8859_1toUTF8(string, value + len, strlen(value) - len - 30);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3421:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(output);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3431:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, start, 1024);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3462:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * addr = t + strlen("Entry point:");
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3577:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!strncmp(frame.func, "__ecereMethod_", strlen("__ecereMethod_")))
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3578:95: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ide.callStackView.Logf($"%s Method, %s:%d\n", &frame.func[strlen("__ecereMethod_")], (s = CopySystemPath(frame.file)), frame.line);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3579:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(!strncmp(frame.func, "__ecereProp_", strlen("__ecereProp_")))
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3580:97: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ide.callStackView.Logf($"%s Property, %s:%d\n", &frame.func[strlen("__ecereProp_")], (s = CopySystemPath(frame.file)), frame.line);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3581:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(!strncmp(frame.func, "__ecereConstructor_", strlen("__ecereConstructor_")))
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3582:100: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ide.callStackView.Logf($"%s Constructor, %s:%d\n", &frame.func[strlen("__ecereConstructor_")], (s = CopySystemPath(frame.file)), frame.line);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3583:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(!strncmp(frame.func, "__ecereDestructor_", strlen("__ecereDestructor_")))
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3584:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ide.callStackView.Logf($"%s Destructor, %s:%d\n", &frame.func[strlen("__ecereDestructor_")], (s = CopySystemPath(frame.file)), frame.line);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:3786:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(item.value) < MAX_F_STRING)
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4556:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fifoFile = FileOpen(progFifoPath, read);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4584:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int result = (int)read(fd, output, sizeof(output)-1);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4816:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(prjName, location+1, file-location-1);
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4824:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filePath = new char[strlen(file)+1];
data/ecere-sdk-0.44.15/ide/src/debugger/Debugger.ec:4825:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filePath, file, line-file);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:99:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(string);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:112:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(string);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:132:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:137:20: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
item.value = equal;
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:555:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(item.name) + strlen(item.value) + 3];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:555:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(item.name) + strlen(item.value) + 3];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:576:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(item.value) + strlen(frame.string) + 7];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:576:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(item.value) + strlen(frame.string) + 7];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:586:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(item.value) + strlen(frame.string) + 4];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:586:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(item.value) + strlen(frame.string) + 4];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:610:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(arg.string) + strlen(item.value) + 2];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:610:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(arg.string) + strlen(item.value) + 2];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:619:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(arg.string) + strlen(item.value) + 4];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:619:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = new char[strlen(arg.string) + strlen(item.value) + 4];
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:642:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:653:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(string && strlen(string))
data/ecere-sdk-0.44.15/ide/src/debugger/GDBDialog.ec:670:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(string && strlen(string))
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:143:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, ".");
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:144:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, "f");
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:188:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(start);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:961:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:1167:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:1311:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(e.string) - 2;
data/ecere-sdk-0.44.15/ide/src/debugger/debugTools.ec:1602:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = string ? strlen(string) : 0;
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:268:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(exeFileTruncated, exeFile, 15);
data/ecere-sdk-0.44.15/ide/src/debugger/process.ec:283:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if((f = FileOpen(fileName, read)))
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1018:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1695:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(font, string, strlen(string), &functionW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1697:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(font, type.name, strlen(type.name), &nameW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1703:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(boldFont, string, strlen(string), &functionW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1705:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(boldFont, instanceName, strlen(instanceName), &nameW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1710:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x, y, string, strlen(string));
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1716:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x, y, type.name, strlen(type.name));
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1729:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(methodType.methodClass.name, strlen(methodType.methodClass.name), &tw, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1749:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x, y, methodType.methodClass.name, strlen(methodType.methodClass.name));
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1780:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(paramString, strlen(paramString), &tw, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1796:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x, y, paramString, strlen(paramString));
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1819:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x, y, instanceName, strlen(instanceName));
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1861:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(font, string, strlen(string), &functionW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1863:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(font, type.name, strlen(type.name), &nameW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1869:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(boldFont, string, strlen(string), &functionW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1871:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(boldFont, instanceName, strlen(instanceName), &nameW, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1882:110: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent((id == editor.paramsID) ? boldFont : font, methodType.methodClass.name, strlen(methodType.methodClass.name), &width, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:1911:124: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent((id == editor.paramsID || param.kind == ellipsisType) ? boldFont : font, paramString, strlen(paramString), &width, null);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2279:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2293:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(editBox.line.text);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:2474:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:3101:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
String temp = new char[strlen(computed.string)+1];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:3403:111: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
String temp = new char[strlen(computed.string)+1];
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4212:95: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GetLocText(editBox, f, position, &function.loc, text, textSize, Max((int)strlen(this.methodName) - movedFuncIdLen,0), 0);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4262:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = strlen(method.name);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4786:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GetLocText(editBox, f, position, &function.loc, &text, &textSize, Max((int)strlen(methodName) - movedFuncIdLen,0), 3);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:4870:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newLen = strlen(methodName);
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:6086:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * colons = id ? RSearchString(id.string, "::", strlen(id.string), true, false) : null;
data/ecere-sdk-0.44.15/ide/src/designer/CodeEditor.ec:6746:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
membersLoc.end.charPos = idStart.charPos + strlen(string)-1; //end.charPos-1;
data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec:8:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(s);
data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec:10:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen mystrlen
data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec:33:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nameLen = strlen(name);
data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec:54:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/ecere-sdk-0.44.15/ide/src/designer/CodeObject.ec:65:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(text);
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:39:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(compilerPath, read);
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:56:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * equal;
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:59:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:63:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = '\0';
data/ecere-sdk-0.44.15/ide/src/dialogs/CompilersDetectionDialog.ec:82:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * refId = new char[strlen(var)+3];
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:590:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
find.disabled = (strlen(fileName.contents) == 0 && strlen(findContent.contents) == 0);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:590:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
find.disabled = (strlen(fileName.contents) == 0 && strlen(findContent.contents) == 0);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1007:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1024:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start += (find - &line[start]) / sizeof(char) + strlen(contentCriteria);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1031:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1075:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1103:22: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(line, edit.line.text, 1023);
data/ecere-sdk-0.44.15/ide/src/dialogs/FindInFilesDialog.ec:1105:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:186:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(varName+1, varName, strlen(varName)+1);
data/ecere-sdk-0.44.15/ide/src/dialogs/NewProjectDialog.ec:540:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(varName+1, varName, strlen(varName)+1);
data/ecere-sdk-0.44.15/ide/src/dialogs/WorkspaceSettings.ec:100:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(path, "");
data/ecere-sdk-0.44.15/ide/src/documents/PictureEdit.ec:250:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case equal:
data/ecere-sdk-0.44.15/ide/src/ide.ec:854:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ideConfig.compilers.read(settingsContainer);
data/ecere-sdk-0.44.15/ide/src/ide.ec:1667:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, settingsContainer.moduleLocation, MAX_LOCATION); p[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ide/src/ide.ec:2858:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(text);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2907:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, path+1, close - path - 1);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2924:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filePath, path, colon - path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:2936:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filePath, path, colon - path);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3241:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * buf = new char[strlen(arg)*2+1];
data/ecere-sdk-0.44.15/ide/src/ide.ec:3463:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(path) + 1;
data/ecere-sdk-0.44.15/ide/src/ide.ec:3514:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(path) + 1;
data/ecere-sdk-0.44.15/ide/src/ide.ec:3617:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(itemPath, recent, MAX_LOCATION); itemPath[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ide/src/ide.ec:3635:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(itemPath, recent, MAX_LOCATION); itemPath[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ide/src/ide.ec:3680:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, settingsContainer.moduleLocation, MAX_LOCATION); path[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ide/src/ide.ec:3694:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, v, MAX_LOCATION); path[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ide/src/ide.ec:3728:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, tokens[c], MAX_LOCATION); path[MAX_LOCATION-1] = '\0';
data/ecere-sdk-0.44.15/ide/src/ide.ec:3808:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ideConfig.compilers.read(settingsContainer);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3809:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ideConfig.recentFiles.read(settingsContainer);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3810:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ideConfig.recentWorkspaces.read(settingsContainer);
data/ecere-sdk-0.44.15/ide/src/ide.ec:3986:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(genericLocale, language, sizeof(genericLocale));
data/ecere-sdk-0.44.15/ide/src/ide.ec:4061:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File include = FileOpen(":crossplatform.mk", read);
data/ecere-sdk-0.44.15/ide/src/licensing.ec:26:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(value, read);
data/ecere-sdk-0.44.15/ide/src/panels/ThreadsView.ec:197:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line.text))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:49:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
void ParseArrayValue(Array<String> array, char * equal)
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:53:24: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
string = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:159:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(printPath);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:162:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(printPath, "/");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:217:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(insidePath);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:220:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(insidePath, "/");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:226:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
indentation[strlen(indentation) - 3] = '\0';
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:419:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(input);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:463:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * buf = new char[strlen(input)*2+1];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:471:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * buf = new char[strlen(input)*2+1];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:491:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(list[c]) + 3;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:539:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int itemLen = strlen(list[n]);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:611:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * tmp = new char[strlen(item)*2+1];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:657:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int c, len = strlen(string);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1250:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ".");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1259:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ".");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1270:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ".");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1277:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(string, ".");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1306:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(cfDir && cfDir[0] && cfDir[strlen(cfDir)-1] != '/')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1307:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cfDir, "/");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1341:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(cfDir && cfDir[0] && cfDir[strlen(cfDir)-1] != '/')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1342:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cfDir, "/");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1528:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenMakeCommand = strlen(compiler.makeCommand);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1581:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
testLen = Max(testLen, strlen("mkdir "));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1606:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((t = strstr(line, (s=": recipe for target"))) && (t = strstr(t+strlen(s), (s2 = " failed"))) && (t+strlen(s2))[0] == '\0')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1606:121: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((t = strstr(line, (s=": recipe for target"))) && (t = strstr(t+strlen(s), (s2 = " failed"))) && (t+strlen(s2))[0] == '\0')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1732:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * start = inFileIncludedFrom ? inFileIncludedFrom + strlen(stringInFileIncludedFrom) : from ? from + strlen(stringFrom) : line;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1732:137: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * start = inFileIncludedFrom ? inFileIncludedFrom + strlen(stringInFileIncludedFrom) : from ? from + strlen(stringFrom) : line;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1753:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(moduleName, start, len);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1772:34: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mName, colon+1, len);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1838:37: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(moduleName, colon, pointer - colon);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1846:34: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(moduleName, colon, pointer - colon);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:1972:37: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullModuleName, ":");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2058:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lenMakeCommand = strlen(compiler.makeCommand);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2197:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(onlyNodes && strlen(makeTargets) == 0)
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2381:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(ide.workspace.debugDir && strlen(ide.workspace.debugDir))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2393:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * prefixedTarget = new char[strlen(executableLauncher) + strlen(target) + 8];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2393:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * prefixedTarget = new char[strlen(executableLauncher) + strlen(target) + 8];
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2396:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(prefixedTarget, " ");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2451:97: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File include = altCrossPlatformMk ? altCrossPlatformMk : FileOpen(":crossplatform.mk", read);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2802:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenObjDirExpNoSpaces = strlen(objDirExpNoSpaces);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2805:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenTargetDirExpNoSpaces = strlen(targetDirExpNoSpaces);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2879:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(cfDir[0] && cfDir[strlen(cfDir)-1] != '/')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:2880:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cfDir, "/");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3735:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3737:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3748:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:3750:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4033:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * equal;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4040:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(buffer))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4045:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = ' ';
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4046:25: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4046:32: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4050:56: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.libraryDirs = { [ CopyString(equal) ] };
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4052:54: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.libraryDirs.Add(CopyString(equal));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4057:56: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.includeDirs = { [ CopyString(equal) ] };
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4059:54: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.includeDirs.Add(CopyString(equal));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4072:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = ' ';
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4073:28: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4073:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4074:47: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
delete name; name = CopyString(equal); // property::name = equal;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4093:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4095:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = '\0';
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4098:28: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4098:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4100:59: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.targetFileName = /*CopyString(*/equal/*)*/;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4103:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(!strcmpi(equal, "Executable"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4105:36: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Shared"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4107:36: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Static"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4113:60: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.targetDirectory = /*CopyString(*/equal/*)*/;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4115:57: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.console = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4119:54: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
ParseArrayValue(options.libraries, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4122:61: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.objectsDirectory = /*CopyString(*/equal/*)*/; //objDir.expression = equal;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4124:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.debug = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4127:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(!strcmpi(equal, "None"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4129:36: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Speed") || !strcmpi(equal, "True"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4129:64: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Speed") || !strcmpi(equal, "True"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4131:36: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Size"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4137:58: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.compress = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4139:57: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.profile = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4141:58: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.warnings = ParseTrueFalseValue(equal) ? all : unset;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4143:61: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.memoryGuard = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4145:57: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.defaultNameSpace = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4147:66: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
options.strictNameSpaces = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4151:68: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
ParseArrayValue(options.preprocessorDefinitions, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4181:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * equal;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4187:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(buffer))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4193:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = ' ';
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4194:25: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4194:32: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4198:71: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.libraryDirs = { [ CopyString(equal) ] };
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4200:69: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.libraryDirs.Add(CopyString(equal));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4205:71: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.includeDirs = { [ CopyString(equal) ] };
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4207:69: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.includeDirs.Add(CopyString(equal));
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4211:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4211:29: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
len = strlen(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4220:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
child.name = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4225:39: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
GetLastDirectory(equal, temp);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4227:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
StripLastDirectory(equal, temp);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4249:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = ' ';
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4250:25: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4250:32: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4256:40: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
child.name = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4297:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(!strcmpi(buffer, "Target") || !strnicmp(buffer, "Target \"", strlen("Target \"")))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4317:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal[0] == ' ')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4320:19: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal[0] == '\"')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4322:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
StripQuotes(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4322:38: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
StripQuotes(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4323:78: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
delete project.moduleName; project.moduleName = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4357:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4359:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = '\0';
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4362:28: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4362:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4377:56: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.resNode.path = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4378:47: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
PathCatSlash(parentPath, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4383:79: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.objectsDirectory = /*CopyString(*/equal/*)*/; //objDir.expression = equal;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4385:73: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.debug = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4388:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(!strcmpi(equal, "None"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4390:39: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Speed") || !strcmpi(equal, "True"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4390:67: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Speed") || !strcmpi(equal, "True"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4392:39: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Size"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4398:75: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.profile = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4400:79: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.config.options.memoryGuard = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4407:73: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.options.targetFileName = /*CopyString(*/equal/*)*/;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4410:37: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(!strcmpi(equal, "Executable"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4412:42: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Shared"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4414:42: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if(!strcmpi(equal, "Static"))
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4420:74: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.options.targetDirectory = /*CopyString(*/equal/*)*/;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4422:71: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.options.console = ParseTrueFalseValue(equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4426:68: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
ParseArrayValue(project.options.libraries, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4429:72: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
project.options.warnings = ParseTrueFalseValue(equal) ? all : unset;
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4440:85: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
ParseArrayValue(project.options.preprocessorDefinitions, equal);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4682:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4799:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(tokens[i][strlen(tokens[i])-1] != ')')
data/ecere-sdk-0.44.15/ide/src/project/Project.ec:4802:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if(tokens[i][0] && tokens[i][strlen(tokens[i])-1] == ')')
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:47:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((len = strlen(expr)))
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:73:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d += strlen(configName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:82:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d += strlen(moduleName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:91:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d += strlen(targetPlatformName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:100:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d += strlen(compilerName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:120:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d += strlen(compilerName);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:139:127: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ev.name && ev.string && ev.name[0] && ev.string[0] && !strnicmp(&expr[c + 2], ev.name, n) && strlen(ev.name) == n)
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:149:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d += strlen(ev.string);
data/ecere-sdk-0.44.15/ide/src/project/ProjectConfig.ec:168:22: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer, &expr[i], i - c);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:65:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(extension))
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:270:32: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
if(!insidePath[0]) strcpy(insidePath, ".");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:305:32: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
if(!insidePath[0]) strcpy(insidePath, ".");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:591:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, ".");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:826:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tempString, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:828:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tempString, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:910:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(if $(or ");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:910:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(if $(or ");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:924:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(") + strlen(var) + strlen(")") + strlen(comma);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:924:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(") + strlen(var) + strlen(")") + strlen(comma);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:924:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(") + strlen(var) + strlen(")") + strlen(comma);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:924:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(") + strlen(var) + strlen(")") + strlen(comma);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:924:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(") + strlen(var) + strlen(")") + strlen(comma);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:928:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(exp, ")");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:935:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("),");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:935:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("),");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:946:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(if $(") + strlen(var) + strlen("),");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:946:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(if $(") + strlen(var) + strlen("),");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:946:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(if $(") + strlen(var) + strlen("),");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:946:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen("$(if $(") + strlen(var) + strlen("),");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:956:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen(",");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:956:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen(",");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:958:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(exp, ",");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:962:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen(")");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:962:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(exp) + strlen(")");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:964:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(exp, ")");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1348:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(addendum))
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1352:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(label, ")");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1355:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(addendum))
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1359:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(label, ")");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1370:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(info) + 4;
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1377:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(label);
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1657:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1659:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1670:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1672:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1852:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1854:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1865:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:1867:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2192:22: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, "/");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2296:40: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
isEqual = complexCmp == equal;
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2485:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(moduleName, ".");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2488:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(moduleName, ".");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2568:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fileName, ".");
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2930:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
ComplexComparison result = equal;
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2939:42: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(compare == greater && result == equal)
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2952:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
ComplexComparison result = equal;
data/ecere-sdk-0.44.15/ide/src/project/ProjectNode.ec:2976:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
enum ComplexComparison { different/*, smaller*/, equal, greater };
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:578:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg, "?");
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1746:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * start = inFileIncludedFrom ? inFileIncludedFrom + strlen(stringInFileIncludedFrom) : from ? from + strlen("from ") : line;
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1746:128: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * start = inFileIncludedFrom ? inFileIncludedFrom + strlen(stringInFileIncludedFrom) : from ? from + strlen("from ") : line;
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:1752:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(moduleName, start, len);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2298:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(part1);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2299:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(part2);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2300:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += nameConflictFiles.count > 1 ? strlen(opt2) : strlen(opt1);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2300:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += nameConflictFiles.count > 1 ? strlen(opt2) : strlen(opt1);
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2302:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(s) + 1;
data/ecere-sdk-0.44.15/ide/src/project/ProjectView.ec:2310:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(message, "\n");
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:998:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1139:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(files,"\n");
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1142:16: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, "s");
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1152:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(files, "\n");
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1208:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1222:17: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * equal;
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1230:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(buffer))
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1235:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = ' ';
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1236:28: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1236:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1242:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
wh.expression = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1249:49: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
wh.expression = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1255:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
String value = strchr(equal, '=');
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1260:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimRSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1260:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimRSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1262:54: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.environmentVars.Add({ equal, value });
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1269:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = ' ';
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1270:28: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1270:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1279:32: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
strEnabled = equal;
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1339:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = ' ';
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1340:28: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1340:35: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1342:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.sourceDirs.Add(CopyString(equal));
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1351:44: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * comma = strchr(equal, ',');
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1355:43: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
lineNumber = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1361:45: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * column = strchr(equal, ':');
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1365:36: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(strcmpi(equal, "O"))
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1369:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
column = strchr(equal, ':');
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1373:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
lineNumber = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1376:44: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
column = strchr(equal, ':');
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1380:47: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
position = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1383:47: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
column = strchr(equal, ':');
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1387:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
scroll.x = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1390:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
column = strchr(equal, ':');
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1394:53: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
scroll.y = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1403:48: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.LoadOpenedFileInfo(equal, state, lineNumber, position, scroll, GetLocalTimeStamp(), openedFilesNotFound);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1410:49: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
PathCatSlash(projectFilePath, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1459:19: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal)
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1463:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = '\0';
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1466:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1466:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1469:89: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
CompilerConfig compiler = ideConfig.compilers.GetCompilerConfig(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1473:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.activeCompiler = equal;
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1478:45: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int bitDepth = atoi(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1487:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = '\0';
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1490:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1490:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1492:53: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.commandLineArgs = equal;
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1504:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = '\0';
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1507:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1507:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1509:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.debugDir = equal;
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1513:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal[0] = '\0';
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1516:34: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1516:41: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TrimLSpaces(equal, equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1525:52: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(!strcmp(cfg.name, equal))
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1541:52: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(!strcmp(cfg.name, equal))
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1553:53: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.commandLineArgs = equal;
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1557:49: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char * lineNum = strstr(equal, ",");
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1562:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal[0] == '0')
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1597:52: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
wh.expression = CopyString(equal);
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1601:61: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.sourceDirs.Add(CopyString(equal));
data/ecere-sdk-0.44.15/ide/src/project/Workspace.ec:1605:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
workspace.debugDir = equal;
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:44:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(indendation);
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:52:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(indendation);
data/ecere-sdk-0.44.15/ide/src/project/vsSupport.ec:710:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(relativePath, "");
data/ecere-sdk-0.44.15/installer/src/installer.ec:133:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File input = FileOpen(path, read);
data/ecere-sdk-0.44.15/installer/src/installer.ec:232:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(source, ":");
data/ecere-sdk-0.44.15/installer/src/installer.ec:904:10: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(path, ":");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1147:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(genericLocale, language, sizeof(genericLocale));
data/ecere-sdk-0.44.15/installer/src/installer.ec:1295:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(userPath, ";");
data/ecere-sdk-0.44.15/installer/src/installer.ec:1296:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start = paths[(*count)-1] + strlen(paths[(*count)-1])+1;
data/ecere-sdk-0.44.15/installer/src/installer.ec:1302:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(start + strlen(path)) = '\0';
data/ecere-sdk-0.44.15/installer/src/installer.ec:1370:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueEx(key, null, 0, REG_SZ, (byte *)name, (uint)strlen(name)+1);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1374:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueEx(key, null, 0, REG_SZ, (byte *)description, (uint)strlen(description)+1);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1379:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueEx(key, null, 0, REG_SZ, (byte *)action, (uint)strlen(action)+1);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1394:69: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueExW(key, null, 0, REG_SZ, (byte *)wKeyName, (uint)(wcslen(wKeyName) + 1)*sizeof(uint16));
data/ecere-sdk-0.44.15/installer/src/installer.ec:1446:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
configs.read(settingsContainer);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1537:99: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueExW(key, L"ECERE_LANGUAGE", 0, REG_EXPAND_SZ, (byte *)wLanguage, (uint)(wcslen(wLanguage)+1) * 2);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1570:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueEx(key, "DisplayName", 0, REG_SZ, (byte *)displayName, (uint)strlen(displayName)+1);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1571:89: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueEx(key, "UninstallString", 0, REG_SZ, (byte *)uninstaller, (uint)strlen(uninstaller)+1);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1572:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueEx(key, "DisplayIcon", 0, REG_SZ, (byte *)idePath, (uint)strlen(idePath)+1);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1610:100: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueExW(systemKey, L"path", 0, REG_EXPAND_SZ, (byte *)wSystemPath, (uint)(wcslen(wSystemPath)+1) * 2);
data/ecere-sdk-0.44.15/installer/src/installer.ec:1633:93: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RegSetValueExW(userKey, L"path", 0, REG_EXPAND_SZ, (byte *)wUserPath, (uint)(wcslen(wUserPath)+1) * 2);
data/ecere-sdk-0.44.15/samples/3D/HiraganaCube/hiraganaCube.ec:126:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(hiragana[c], strlen(hiragana[c]), &tw, &th);
data/ecere-sdk-0.44.15/samples/3D/HiraganaCube/hiraganaCube.ec:128:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText((256 - tw) / 2, (256 - th) / 2, hiragana[c], strlen(hiragana[c]));
data/ecere-sdk-0.44.15/samples/3D/ModelViewer/eModel.ec:110:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(":help.txt", read);
data/ecere-sdk-0.44.15/samples/3D/spriteBalls/balls.ec:421:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case wheelUp: case equal: camera.position.z *= 0.9f; break;
data/ecere-sdk-0.44.15/samples/3D/terrainCameraDemo/demo.ec:112:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/samples/audio/S3MPlayer/S3MPlayer.ec:89:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/samples/db/MedDB/med.ec:64:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x, y, string, strlen(string));
data/ecere-sdk-0.44.15/samples/eC/ecas/misc.ec:95:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src)+1;
data/ecere-sdk-0.44.15/samples/eC/fibonacci/fibo.ec:30:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(number);
data/ecere-sdk-0.44.15/samples/games/bomb/bomb.ec:129:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(map, read);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:284:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
C2SPlayerName * playerName = (C2SPlayerName *)new byte[sizeof(C2SPlayerName) + strlen(name)];
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:286:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
playerName->size = sizeof(C2SPlayerName) + strlen(name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:311:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S2CPlayerInfo * playerInfo = (S2CPlayerInfo *)new byte[sizeof(S2CPlayerInfo) + strlen(name)];
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/ruff.ec:313:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
playerInfo->size = sizeof(S2CPlayerInfo) + strlen(name);
data/ecere-sdk-0.44.15/samples/games/cards/ruff/src/trump.ec:27:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/ecere-sdk-0.44.15/samples/games/chess/src/chess3D.ec:350:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
case equal: camera.position.z /= 1.1f;
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:890:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:904:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:918:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:932:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1104:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = "Score"; len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1107:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = "Bonus"; len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1110:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = "Total"; len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1115:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = "Grand Total"; len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1131:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1137:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1142:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1148:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1155:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1173:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1178:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1226:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1227:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(100, 180, string, strlen(string));
data/ecere-sdk-0.44.15/samples/games/cornerBlocks/cornerBlocks.ec:1509:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(msg);
data/ecere-sdk-0.44.15/samples/games/crosswords/CrossWordsServer.ec:224:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/samples/guiAndGfx/eNotepad/eNotepad.ec:37:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(openDialog.filePath, read);
data/ecere-sdk-0.44.15/samples/guiAndGfx/eNotepad/eNotepad.ec:105:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(filePath, read);
data/ecere-sdk-0.44.15/samples/guiAndGfx/fractals/fractals.ec:1081:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:413:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:436:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = new char[strlen(message_format)+strlen(vnp)];
data/ecere-sdk-0.44.15/samples/guiAndGfx/openrider/form1.ec:436:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = new char[strlen(message_format)+strlen(vnp)];
data/ecere-sdk-0.44.15/samples/guiAndGfx/replace/replace.ec:94:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(listing.path, read);
data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/AcovelSkin.ec:144:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size.w - (buttonsSize + border + 4), name, strlen(name));
data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/MySkin.ec:637:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size.w - (buttonsSize + border + NAME_OFFSETX /*4*/), name, strlen(name));
data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/SimSkin.ec:131:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size.w - (buttonsSize + border + 4), name, strlen(name));
data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/SimSkin.ec:752:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(text, strlen(text),&tw, &th);
data/ecere-sdk-0.44.15/samples/guiAndGfx/skinning/SimSkin.ec:766:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteTextDots(alignment, x, y, width, text, strlen(text));
data/ecere-sdk-0.44.15/samples/guiAndGfx/snow/snow.ec:53:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(textString);
data/ecere-sdk-0.44.15/samples/guiAndGfx/snow/snow.ec:56:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.TextExtent(textString, strlen(textString), &tw, &th);
data/ecere-sdk-0.44.15/samples/guiAndGfx/textScroller/textScroller.ec:22:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen("textScroller.ec", read);
data/ecere-sdk-0.44.15/samples/guiAndGfx/textScroller/textScroller.ec:80:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
display.FontExtent(fontObject, lines[c], strlen(lines[c]), &w, null);
data/ecere-sdk-0.44.15/samples/guiAndGfx/textScroller/textScroller.ec:98:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
surface.WriteText(x, y, lines[c], strlen(lines[c]));
data/ecere-sdk-0.44.15/samples/net/SocketSample/socketSample.ec:105:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/samples/net/SocketTx/socketTX.ec:30:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:152:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen(htmlView.location, read);
data/ecere-sdk-0.44.15/samples/net/browser/browser.ec:203:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(newLocation[strlen(newLocation)-1] != '/')
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:98:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fileSend = FileOpen(fileName, read);
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:105:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(outputFile);
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:207:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(string);
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:282:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eComPacket * namePacket = (eComPacket *)new byte[sizeof(eComPacket) + strlen(name)];
data/ecere-sdk-0.44.15/samples/net/eCom/connection.ec:287:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namePacket->dataSize = strlen(name);
data/ecere-sdk-0.44.15/samples/net/eirc/console.ec:193:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = (Item)new0 byte[sizeof(class Item) + strlen(lineBuffer) + 1];
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:68:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, " ");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:71:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, "\n");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:82:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, " ");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:85:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, "\n");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:97:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, "#");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:101:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, "\n");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:112:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, " ");
data/ecere-sdk-0.44.15/samples/net/eirc/eIRC.ec:115:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sendbuf, "\n");
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:146:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(indexFile, read);
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:163:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = FileOpen(path, read);
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:218:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read)
data/ecere-sdk-0.44.15/samples/net/httpserver/http.ec:219:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
client.Send(buffer, read);
data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkClient/client.ec:12:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f = connection.Open("c:/boot.ini", read);
data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkServer/server.ec:85:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
enum PacketType { open, close, read, size };
data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkServer/server.ec:130:61: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
handles[c] = FileOpen(packet.fileName, read);
data/ecere-sdk-0.44.15/samples/net/networkFile/NetworkServer/server.ec:153:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
case read:
data/ecere-sdk-0.44.15/samples/net/smtp/smtp.ec:56:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
socket.Send(buffer, read);
data/ecere-sdk-0.44.15/samples/net/smtp/smtp.ec:71:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
File f = FileOpen("http://www.ecere.com/", read);
data/ecere-sdk-0.44.15/samples/threads/threadsAndListBoxes/blank.ec:43:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
ANALYSIS SUMMARY:
Hits = 7782
Lines analyzed = 850163 in approximately 23.90 seconds (35572 lines/second)
Physical Source Lines of Code (SLOC) = 626128
Hits@level = [0] 731 [1] 1671 [2] 4224 [3] 63 [4] 1808 [5] 16
Hits@level+ = [0+] 8513 [1+] 7782 [2+] 6111 [3+] 1887 [4+] 1824 [5+] 16
Hits/KSLOC@level+ = [0+] 13.5963 [1+] 12.4288 [2+] 9.75999 [3+] 3.01376 [4+] 2.91314 [5+] 0.0255539
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.