Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/evolver-2.70+ds/src/alloca.c
Examining data/evolver-2.70+ds/src/bk.c
Examining data/evolver-2.70+ds/src/boundary.c
Examining data/evolver-2.70+ds/src/calcforc.c
Examining data/evolver-2.70+ds/src/check.c
Examining data/evolver-2.70+ds/src/cnstrnt.c
Examining data/evolver-2.70+ds/src/command.c
Examining data/evolver-2.70+ds/src/curtest.c
Examining data/evolver-2.70+ds/src/diffuse.c
Examining data/evolver-2.70+ds/src/display.c
Examining data/evolver-2.70+ds/src/dodecGroup.c
Examining data/evolver-2.70+ds/src/express.h
Examining data/evolver-2.70+ds/src/exprint.c
Examining data/evolver-2.70+ds/src/f2c.h
Examining data/evolver-2.70+ds/src/filgraph.c
Examining data/evolver-2.70+ds/src/filml.c
Examining data/evolver-2.70+ds/src/filmq.c
Examining data/evolver-2.70+ds/src/fixvol.c
Examining data/evolver-2.70+ds/src/gauss.c
Examining data/evolver-2.70+ds/src/geomgraph.c
Examining data/evolver-2.70+ds/src/gnugraph.c
Examining data/evolver-2.70+ds/src/graphgen.c
Examining data/evolver-2.70+ds/src/hessian2.c
Examining data/evolver-2.70+ds/src/hessian3.c
Examining data/evolver-2.70+ds/src/hessian.c
Examining data/evolver-2.70+ds/src/hidim.c
Examining data/evolver-2.70+ds/src/inline.h
Examining data/evolver-2.70+ds/src/iterate.c
Examining data/evolver-2.70+ds/src/khyp.c
Examining data/evolver-2.70+ds/src/klein.c
Examining data/evolver-2.70+ds/src/knot1.c
Examining data/evolver-2.70+ds/src/knot2.c
Examining data/evolver-2.70+ds/src/knot3.c
Examining data/evolver-2.70+ds/src/kusner.c
Examining data/evolver-2.70+ds/src/lagrange.c
Examining data/evolver-2.70+ds/src/lex.h
Examining data/evolver-2.70+ds/src/lexinit2.c
Examining data/evolver-2.70+ds/src/lexinit.c
Examining data/evolver-2.70+ds/src/lexyy.c
Examining data/evolver-2.70+ds/src/machine.c
Examining data/evolver-2.70+ds/src/matrix.c
Examining data/evolver-2.70+ds/src/meanint.c
Examining data/evolver-2.70+ds/src/method1.c
Examining data/evolver-2.70+ds/src/method2.c
Examining data/evolver-2.70+ds/src/method3.c
Examining data/evolver-2.70+ds/src/method4.c
Examining data/evolver-2.70+ds/src/method5.c
Examining data/evolver-2.70+ds/src/metis.c
Examining data/evolver-2.70+ds/src/metric.c
Examining data/evolver-2.70+ds/src/mindeg.c
Examining data/evolver-2.70+ds/src/model.c
Examining data/evolver-2.70+ds/src/model.h
Examining data/evolver-2.70+ds/src/modify.c
Examining data/evolver-2.70+ds/src/mvgraph.c
Examining data/evolver-2.70+ds/src/node_names.h
Examining data/evolver-2.70+ds/src/odrv.c
Examining data/evolver-2.70+ds/src/oglgraph.c
Examining data/evolver-2.70+ds/src/pixgraph.c
Examining data/evolver-2.70+ds/src/popfilm.c
Examining data/evolver-2.70+ds/src/quantity.c
Examining data/evolver-2.70+ds/src/quantity.h
Examining data/evolver-2.70+ds/src/query.c
Examining data/evolver-2.70+ds/src/quotient.c
Examining data/evolver-2.70+ds/src/registry.c
Examining data/evolver-2.70+ds/src/resource.h
Examining data/evolver-2.70+ds/src/sdrv.c
Examining data/evolver-2.70+ds/src/simequi2.c
Examining data/evolver-2.70+ds/src/simplex.c
Examining data/evolver-2.70+ds/src/skeleton.c
Examining data/evolver-2.70+ds/src/skeleton.h
Examining data/evolver-2.70+ds/src/softimag.c
Examining data/evolver-2.70+ds/src/sqcurve2.c
Examining data/evolver-2.70+ds/src/sqcurve3.c
Examining data/evolver-2.70+ds/src/sqcurve.c
Examining data/evolver-2.70+ds/src/storage.c
Examining data/evolver-2.70+ds/src/storage.h
Examining data/evolver-2.70+ds/src/stringl.c
Examining data/evolver-2.70+ds/src/stringq.c
Examining data/evolver-2.70+ds/src/symmetry.c
Examining data/evolver-2.70+ds/src/symtable.c
Examining data/evolver-2.70+ds/src/teix.c
Examining data/evolver-2.70+ds/src/tokname.c
Examining data/evolver-2.70+ds/src/tordup.c
Examining data/evolver-2.70+ds/src/torus.c
Examining data/evolver-2.70+ds/src/torvol.c
Examining data/evolver-2.70+ds/src/userio.c
Examining data/evolver-2.70+ds/src/veravg.c
Examining data/evolver-2.70+ds/src/verpopst.c
Examining data/evolver-2.70+ds/src/web.h
Examining data/evolver-2.70+ds/src/wulff.c
Examining data/evolver-2.70+ds/src/xgraph.c
Examining data/evolver-2.70+ds/src/yexparse.c
Examining data/evolver-2.70+ds/src/ytab.h
Examining data/evolver-2.70+ds/src/zoom.c
Examining data/evolver-2.70+ds/src/ytab.c
Examining data/evolver-2.70+ds/src/include.h
Examining data/evolver-2.70+ds/src/trirevis.c
Examining data/evolver-2.70+ds/src/psgraph.c
Examining data/evolver-2.70+ds/src/painter.c
Examining data/evolver-2.70+ds/src/evaltree.c
Examining data/evolver-2.70+ds/src/dump.c
Examining data/evolver-2.70+ds/src/eval_all.c
Examining data/evolver-2.70+ds/src/eval_sec.c
Examining data/evolver-2.70+ds/src/alice.c
Examining data/evolver-2.70+ds/src/nulgraph.c
Examining data/evolver-2.70+ds/src/glutgraph.c
Examining data/evolver-2.70+ds/src/utility.c
Examining data/evolver-2.70+ds/src/proto.h
Examining data/evolver-2.70+ds/src/userfunc.c
Examining data/evolver-2.70+ds/src/readline.c
Examining data/evolver-2.70+ds/src/rl_head.h
Examining data/evolver-2.70+ds/src/rl_mid.h
Examining data/evolver-2.70+ds/src/grapher.c
Examining data/evolver-2.70+ds/src/help.c
Examining data/evolver-2.70+ds/src/evalmore.c
Examining data/evolver-2.70+ds/src/variable.c
Examining data/evolver-2.70+ds/src/tmain.c
Examining data/evolver-2.70+ds/src/extern.h
FINAL RESULTS:
data/evolver-2.70+ds/src/bk.c:453:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/bk.c:457:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/bk.c:466:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/bk.c:470:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/bk.c:519:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"v%s.%d",ELNAME(v_id),j+1);
data/evolver-2.70+ds/src/boundary.c:175:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Extrapolate does not converge in 10 steps: \n boundary %s is not smooth enough at vertex %s. \n", bdry->name, ELNAME(v_id));
data/evolver-2.70+ds/src/boundary.c:421:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Partner of %s is %d, but partner of %d is %d.\n",
data/evolver-2.70+ds/src/calcforc.c:574:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Zero area around vertex %s.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/calcforc.c:907:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Body %s has volume %f\n",ELNAME(b_id),
data/evolver-2.70+ds/src/check.c:92:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%s %s has method %s twice.\n",
data/evolver-2.70+ds/src/check.c:262:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Task %d: local_id is %08X on %s ibase[0x%X], self id %08X\n",
data/evolver-2.70+ds/src/check.c:310:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Facetedge %s links to invalid facet %08lX.\n",
data/evolver-2.70+ds/src/check.c:321:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Facetedge %s links to facet %s with invalid facetedge %s.\n",
data/evolver-2.70+ds/src/check.c:335:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s links to invalid edge %08lX.\n",
data/evolver-2.70+ds/src/check.c:345:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s links to edge %s with invalid facetedge %s.\n",
data/evolver-2.70+ds/src/check.c:356:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s has bad prev edge link\n",ELNAME(fe_id));
data/evolver-2.70+ds/src/check.c:364:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s has bad next edge link\n",ELNAME(fe_id));
data/evolver-2.70+ds/src/check.c:372:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s has bad next facet link\n",ELNAME(fe_id));
data/evolver-2.70+ds/src/check.c:380:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s has bad prev facet link\n",ELNAME(fe_id));
data/evolver-2.70+ds/src/check.c:389:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s head vertex disagrees with next tail.\n",
data/evolver-2.70+ds/src/check.c:400:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s tail vertex disagrees with prev head.\n",
data/evolver-2.70+ds/src/check.c:425:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has no edges.\n",
data/evolver-2.70+ds/src/check.c:430:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg," (originally vertex %s)\n",ELNAME(v_id));
data/evolver-2.70+ds/src/check.c:437:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has invalid edge link.\n",
data/evolver-2.70+ds/src/check.c:447:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has bad midpoint edge link.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/check.c:462:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has bad edge link.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/check.c:470:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has bad edge link.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/check.c:487:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has bad edge loop from edge %s.\n",
data/evolver-2.70+ds/src/check.c:502:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has bad edge loop from edge %s.\n",
data/evolver-2.70+ds/src/check.c:525:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Vertex %s is axial and not first vertex of edge %s.\n",
data/evolver-2.70+ds/src/check.c:537:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s on edge %s but found in loop of edge %s.\n",
data/evolver-2.70+ds/src/check.c:546:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Bad chain of facetedges around edge %s.\n",
data/evolver-2.70+ds/src/check.c:562:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Edge %s has no facets, and is not marked \"bare\".\n",ELNAME(e_id));
data/evolver-2.70+ds/src/check.c:566:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (originally edge %s)\n",ELNAME(e_id));
data/evolver-2.70+ds/src/check.c:573:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Facets around edge %s do not link up.\n",
data/evolver-2.70+ds/src/check.c:578:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (originally edge %s)\n",ELNAME(e_id));
data/evolver-2.70+ds/src/check.c:631:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s on facet %s instead of %s.\n",
data/evolver-2.70+ds/src/check.c:641:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Facetedge loop not closed on facet %s.\n",
data/evolver-2.70+ds/src/check.c:646:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (originally facet %s)\n", ELNAME(orig));
data/evolver-2.70+ds/src/check.c:659:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Edges around facet %s do not link up.\n",
data/evolver-2.70+ds/src/check.c:664:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (originally facet %s)\n", ELNAME(orig));
data/evolver-2.70+ds/src/check.c:673:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Facet %s has %d edges.\n",ELNAME(f_id),thiscount);
data/evolver-2.70+ds/src/check.c:677:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (originally facet %s)\n", ELNAME(orig));
data/evolver-2.70+ds/src/check.c:724:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facetedge %s on facet %s and edge %s not reached in facet edge list.\n",
data/evolver-2.70+ds/src/check.c:759:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Vertex %s not found in facet %s.\n",ELNAME(v_id),ELNAME2(f_id));
data/evolver-2.70+ds/src/check.c:771:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Vertex %s has bad facet list.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/check.c:810:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Body %s has invalid facet link to facet %s.\n",
data/evolver-2.70+ds/src/check.c:818:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Body %s has link to facet %s, which is on body %s.\n",
data/evolver-2.70+ds/src/check.c:846:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Inconsistent bodies for facets on edge %s.",
data/evolver-2.70+ds/src/check.c:854:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (originally edge %s)",ELNAME(orig));
data/evolver-2.70+ds/src/check.c:861:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (orig. %s)",ELNAME(orig)); erroutstring(msg); }
data/evolver-2.70+ds/src/check.c:864:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," has body %s",ELNAME(b_id));
data/evolver-2.70+ds/src/check.c:868:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (orig. %s)",ELNAME(orig));
data/evolver-2.70+ds/src/check.c:877:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (orig. %s)",ELNAME(orig));
data/evolver-2.70+ds/src/check.c:882:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," has body %s",ELNAME(bb_id));
data/evolver-2.70+ds/src/check.c:886:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (orig. %s)",ELNAME(orig));
data/evolver-2.70+ds/src/check.c:918:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Invalid facet %s on body facet list of body %s.\n",
data/evolver-2.70+ds/src/check.c:925:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facet %s on body %s facet list, but is on body %s.\n",
data/evolver-2.70+ds/src/check.c:933:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Facet %s next body facet has bad prev_body_facet.\n",
data/evolver-2.70+ds/src/check.c:987:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Edge %s",ELNAME(e_id));
data/evolver-2.70+ds/src/check.c:991:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (orig. %s)",ELNAME(orig));
data/evolver-2.70+ds/src/check.c:994:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," is loop on vertex %s",ELNAME(v1));
data/evolver-2.70+ds/src/check.c:998:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," (orig. %s)",ELNAME(orig));
data/evolver-2.70+ds/src/check.c:1031:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edges %s and %s have same endpoints: %s %s",
data/evolver-2.70+ds/src/check.c:1092:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Facets %s and %s have same vertices: %s %s %s.",
data/evolver-2.70+ds/src/check.c:1212:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Big wrap %d on edge %s period %d\n",
data/evolver-2.70+ds/src/check.c:1235:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Facet %s has unclosed edge loop.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/check.c:1242:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Wraps around facet %s not consistent.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/cnstrnt.c:98:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/cnstrnt.c:104:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg)," %s",get_constraint(conlist[i])->name);
data/evolver-2.70+ds/src/cnstrnt.c:191:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/cnstrnt.c:198:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg)," %s",constr[i]->name);
data/evolver-2.70+ds/src/cnstrnt.c:271:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/cnstrnt.c:277:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg)," %s",constr[i]->name);
data/evolver-2.70+ds/src/cnstrnt.c:365:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s hits more constraints than dimension of space.\n",
data/evolver-2.70+ds/src/cnstrnt.c:394:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/cnstrnt.c:824:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s on too many convex constraints.\n",
data/evolver-2.70+ds/src/cnstrnt.c:846:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/cnstrnt.c:859:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/cnstrnt.c:931:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s on too many convex constraints.\n",
data/evolver-2.70+ds/src/cnstrnt.c:1386:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/cnstrnt.c:1438:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s hits more constraints than dimension of space.\n",
data/evolver-2.70+ds/src/command.c:189:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%9s %32s %10s %5d %5d ",typenames[i],
data/evolver-2.70+ds/src/command.c:249:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Body %s. Current pressure %f. Enter new: ",
data/evolver-2.70+ds/src/command.c:274:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Body %s. Current target volume %g. Enter new: ",
data/evolver-2.70+ds/src/command.c:449:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Homothety adjustment is %s.\n",
data/evolver-2.70+ds/src/command.c:953:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Datafile: %s\n",datafilename);
data/evolver-2.70+ds/src/command.c:979:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Total %s: %*.*Qg\n",areaname,DWIDTH,DPREC,web.total_area);
data/evolver-2.70+ds/src/command.c:981:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Total %s: %*.*Lg\n",areaname,DWIDTH,DPREC,web.total_area);
data/evolver-2.70+ds/src/command.c:983:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Total %s: %17.15g\n",areaname,web.total_area);
data/evolver-2.70+ds/src/command.c:1178:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %*.*Qg %*.*Qg %*.*Qg\n",
data/evolver-2.70+ds/src/command.c:1182:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ------------ %*.*Qg %*.*Qg\n",
data/evolver-2.70+ds/src/command.c:1186:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ------------ %*.*Qg \n",
data/evolver-2.70+ds/src/command.c:1190:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %*.*Lg %*.*Lg %*.*Lg\n",
data/evolver-2.70+ds/src/command.c:1194:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ------------ %*.*Lg %*.*Lg\n",
data/evolver-2.70+ds/src/command.c:1198:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ------------ %*.*Lg \n",
data/evolver-2.70+ds/src/command.c:1202:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %22.15g %22.15g %17.15g\n",
data/evolver-2.70+ds/src/command.c:1206:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ------------ %22.15g %17.15g\n",
data/evolver-2.70+ds/src/command.c:1210:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ------------ %22.15g \n",
data/evolver-2.70+ds/src/command.c:1224:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%*s target value actual value pressure\n",max_name," Quantity");
data/evolver-2.70+ds/src/command.c:1230:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%*s (conserved) ----------------- %*.*Qg\n",max_name,
data/evolver-2.70+ds/src/command.c:1233:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%*s %*.*Qg %*.*Qg %*.*Qg\n",max_name,
data/evolver-2.70+ds/src/command.c:1237:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%20s --------- %*.*Qg\n",
data/evolver-2.70+ds/src/command.c:1241:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%*s (conserved) ----------------- %*.*Lg\n",max_name,
data/evolver-2.70+ds/src/command.c:1244:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%*s %*.*Lg %*.*Lg %*.*Lg\n",max_name,
data/evolver-2.70+ds/src/command.c:1248:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%20s --------- %*.*Lg\n",
data/evolver-2.70+ds/src/command.c:1252:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%*s (conserved) ---------------- %17.15g\n",max_name,
data/evolver-2.70+ds/src/command.c:1255:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%*s %22.15g %22.15g %17.15g\n",max_name,
data/evolver-2.70+ds/src/command.c:1258:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%*s --------- %22.15g\n",max_name,
data/evolver-2.70+ds/src/command.c:1304:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%2d. %31.31s array %s",n+1,g->name,datatype_name[g->type]);
data/evolver-2.70+ds/src/display.c:672:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal transform expression syntax: %s\n",expr);
data/evolver-2.70+ds/src/display.c:719:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal transform expression syntax: %s\n",expr);
data/evolver-2.70+ds/src/dump.c:59:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Enter name of dump file (%s): ",defaultname);
data/evolver-2.70+ds/src/dump.c:85:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(dest,
data/evolver-2.70+ds/src/dump.c:126:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"\"%s\"",*(char**)src);
data/evolver-2.70+ds/src/dump.c:134:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"vertex[%s]",ELNAME(*(element_id*)src));
data/evolver-2.70+ds/src/dump.c:140:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"edge[%s]",ELNAME(*(element_id*)src));
data/evolver-2.70+ds/src/dump.c:146:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"facet[%s]",ELNAME(*(element_id*)src));
data/evolver-2.70+ds/src/dump.c:152:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"body[%s]",ELNAME(*(element_id*)src));
data/evolver-2.70+ds/src/dump.c:158:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"facetedge[%s]",ELNAME(*(element_id*)src));
data/evolver-2.70+ds/src/dump.c:163:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"%s",web.boundaries[*(int*)src].name);
data/evolver-2.70+ds/src/dump.c:166:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"%s",get_constraint(*(int*)src)->name);
data/evolver-2.70+ds/src/dump.c:169:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"%s",GEN_QUANT(*(int*)src)->name);
data/evolver-2.70+ds/src/dump.c:172:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"%s",METH_INSTANCE(*(int*)src)->name);
data/evolver-2.70+ds/src/dump.c:175:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dest,"%s",globals(*(int*)src)->name);
data/evolver-2.70+ds/src/dump.c:179:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Printing of type \"%s\" not implemented.\n",
data/evolver-2.70+ds/src/dump.c:329:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"// datafilename: %s\n",datafilename);
data/evolver-2.70+ds/src/dump.c:332:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\nEvolver_version \"%s\" // minimal version needed\n\n",
data/evolver-2.70+ds/src/dump.c:386:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"volume_method_name \"%s\"\n",volume_method_name);
data/evolver-2.70+ds/src/dump.c:390:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"length_method_name \"%s\"\n",length_method_name);
data/evolver-2.70+ds/src/dump.c:394:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"area_method_name \"%s\"\n",area_method_name);
data/evolver-2.70+ds/src/dump.c:409:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"LOAD_LIBRARY \"%s\"\n",dll_list[i].name);
data/evolver-2.70+ds/src/dump.c:426:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"SYMMETRY_GROUP \"%s\"\n\n",symmetry_name); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:449:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"PARAMETER %s ",g->name);
data/evolver-2.70+ds/src/dump.c:452:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"PARAMETER_FILE \"%s\" \n",
data/evolver-2.70+ds/src/dump.c:454:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg,"PARAMETER_FILE \"%s\" \n","not dumped");
data/evolver-2.70+ds/src/dump.c:460:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"OPTIMIZING_PARAMETER %s ",g->name);
data/evolver-2.70+ds/src/dump.c:462:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"PARAMETER %s ",g->name);
data/evolver-2.70+ds/src/dump.c:500:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"on_assign_call %s ",globals(g->attr.varstuff.on_assign_call)->name);
data/evolver-2.70+ds/src/dump.c:510:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"define %s",g->name);
data/evolver-2.70+ds/src/dump.c:512:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg,datatype_name[g->type]);
data/evolver-2.70+ds/src/dump.c:625:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"color %s\n",COLORNAME(transform_colors[k]));
data/evolver-2.70+ds/src/dump.c:687:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"WULFF: \"%s\"\n\n",web.wulff_name); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:689:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"PHASEFILE \"%s\"\n\n",phase_file_name); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:749:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\ndefine %s attribute %s %s",typenames[e_type], ex->name,
data/evolver-2.70+ds/src/dump.c:910:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"#define %s ",macros[n].name);
data/evolver-2.70+ds/src/dump.c:1022:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s",ELNAME(v_id)); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1031:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," boundary %s ",bdry->name);
data/evolver-2.70+ds/src/dump.c:1046:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ",ELNAME(v_id)); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1064:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%s ",con->name); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1081:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," original %s",ELNAME(orig)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1092:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s ",GEN_QUANT(mi->quants[0])->name);
data/evolver-2.70+ds/src/dump.c:1093:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg," %s%c ",mi->name,methlist[i]<0?'-':' ');
data/evolver-2.70+ds/src/dump.c:1103:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s ",ex->name);
data/evolver-2.70+ds/src/dump.c:1135:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ",ELNAME(e_id)); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1141:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%3s ",ELNAME(v[i])); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1148:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%3s ",ELNAME(v[i])); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1151:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%3s %3s ", ELNAME(get_edge_tailv(e_id)),
data/evolver-2.70+ds/src/dump.c:1156:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," /*midpt*/ %3s ",ELNAME(get_edge_midv(e_id)));
data/evolver-2.70+ds/src/dump.c:1184:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Bad wrap %lX on edge %s period %d\n",
data/evolver-2.70+ds/src/dump.c:1206:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," boundary %s ",bdry->name);
data/evolver-2.70+ds/src/dump.c:1217:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%s ",con->name); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1233:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," color %s ",COLORNAME(get_edge_color(e_id))); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1249:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s%c ",GEN_QUANT(mi->quants[0])->name,(mm<0?'-':' '));
data/evolver-2.70+ds/src/dump.c:1250:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg,"%s%c ",mi->name,(mm<0?'-':' '));
data/evolver-2.70+ds/src/dump.c:1256:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," original %s",ELNAME(orig)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1264:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s ",ex->name);
data/evolver-2.70+ds/src/dump.c:1298:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%3s ",ELNAME(f_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1306:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," %3s",ELNAME(v[i])); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1313:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s",SELNAME(e_id) );
data/evolver-2.70+ds/src/dump.c:1327:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%3s ",ELNAME(v[i])); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1332:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," boundary %s ",bdry->name);
data/evolver-2.70+ds/src/dump.c:1343:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%s ",con->name); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1366:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," color %s ",COLORNAME(get_facet_color(f_id)));
data/evolver-2.70+ds/src/dump.c:1369:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," backcolor %s ",COLORNAME(get_facet_backcolor(f_id)));
data/evolver-2.70+ds/src/dump.c:1387:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s%c ",GEN_QUANT(mi->quants[0])->name,(mm<0?'-':' '));
data/evolver-2.70+ds/src/dump.c:1388:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg," %s%c ",mi->name,(mm<0?'-':' '));
data/evolver-2.70+ds/src/dump.c:1395:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," original %s",ELNAME(orig)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1403:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s ",ex->name);
data/evolver-2.70+ds/src/dump.c:1441:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s ",ELNAME(b_id)); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1444:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," %s",SELNAME(f_id));
data/evolver-2.70+ds/src/dump.c:1455:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: body %s facet list not closed.\n",
data/evolver-2.70+ds/src/dump.c:1462:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
{ sprintf(msg,
data/evolver-2.70+ds/src/dump.c:1525:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," original %s",ELNAME(orig));
data/evolver-2.70+ds/src/dump.c:1534:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s ",GEN_QUANT(mi->quants[0])->name);
data/evolver-2.70+ds/src/dump.c:1535:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg,"%s%c ",mi->name,methlist[i]>0?' ':'-');
data/evolver-2.70+ds/src/dump.c:1546:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s ",ex->name);
data/evolver-2.70+ds/src/dump.c:1570:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s on\n",togglename);
data/evolver-2.70+ds/src/dump.c:1586:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s off\n",togglename);
data/evolver-2.70+ds/src/dump.c:1618:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Dumping to %s.\n",name);
data/evolver-2.70+ds/src/dump.c:1623:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot open file %s.\n",name);
data/evolver-2.70+ds/src/dump.c:1681:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' involved in cyclic definition.\n",g->name);
data/evolver-2.70+ds/src/dump.c:1697:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s ::= ",g->name);
data/evolver-2.70+ds/src/dump.c:1698:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg,"%s := ",g->name);
data/evolver-2.70+ds/src/dump.c:1898:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s := {}\n",globals(i)->name);
data/evolver-2.70+ds/src/dump.c:1910:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s ::= {}\n",perm_globals(i)->name);
data/evolver-2.70+ds/src/dump.c:2020:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%s := ",g->name);
data/evolver-2.70+ds/src/dump.c:2033:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%s ",g->name);
data/evolver-2.70+ds/src/dump.c:2047:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s.pdelta = %2.*Qg; ",g->name,DPREC,g->attr.varstuff.delta);
data/evolver-2.70+ds/src/dump.c:2049:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s.pdelta = %2.*Lg; ",g->name,DPREC,g->attr.varstuff.delta);
data/evolver-2.70+ds/src/dump.c:2051:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s.pdelta = %2.15g; ",g->name,g->attr.varstuff.delta);
data/evolver-2.70+ds/src/dump.c:2059:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s.pscale = %2.*Qg ",g->name,DPREC,g->attr.varstuff.pscale);
data/evolver-2.70+ds/src/dump.c:2061:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s.pscale = %2.*Lg ",g->name,DPREC,g->attr.varstuff.pscale);
data/evolver-2.70+ds/src/dump.c:2063:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s.pscale = %2.15g ",g->name,g->attr.varstuff.pscale);
data/evolver-2.70+ds/src/dump.c:2074:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"define %s",g->name);
data/evolver-2.70+ds/src/dump.c:2076:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg,datatype_name[g->type]);
data/evolver-2.70+ds/src/dump.c:2081:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s = \n",g->name);
data/evolver-2.70+ds/src/dump.c:2096:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\ndefine %s attribute %s %s",typenames[e_type], ex->name,
data/evolver-2.70+ds/src/dump.c:2182:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"colorfile := \"%s\"\n",cmapname);
data/evolver-2.70+ds/src/dump.c:2233:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"transform_expr \"%s\"\n",transform_expr);
data/evolver-2.70+ds/src/dump.c:2289:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%6s %5s %5s %8s %8s %8s %8s",
data/evolver-2.70+ds/src/dump.c:2303:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s ",ex->name);
data/evolver-2.70+ds/src/dump.c:2333:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot open file %s.\n",name);
data/evolver-2.70+ds/src/dump.c:2338:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s: Dump of force.\n\n",name); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2348:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %17.*Qf %17.*Qf |x| = %17.*Qf ",
data/evolver-2.70+ds/src/dump.c:2351:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %17.*Lf %17.*Lf |x| = %17.*Lf ",
data/evolver-2.70+ds/src/dump.c:2354:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %17.15f %17.15f |x| = %17.15f ",
data/evolver-2.70+ds/src/dump.c:2361:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %17.*Qf %17.*Qf %17.*Qf |x| = %17.*Qf ",
data/evolver-2.70+ds/src/dump.c:2364:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %17.*Lf %17.*Lf %17.*Lf |x| = %17.*Lf ",
data/evolver-2.70+ds/src/dump.c:2367:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3s %17.15f %17.15f %17.15f |x| = %17.15f ",
data/evolver-2.70+ds/src/dump.c:2381:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"%s ",con->name); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2442:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s attributes:\n",typenames[n]); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2445:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%32s %s",ex->name,datatype_name[ex->type]);
data/evolver-2.70+ds/src/dump.c:2483:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s INFO_ONLY ",q->name); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2487:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s CONSERVED lagrange_multiplier %2.*Qg",
data/evolver-2.70+ds/src/dump.c:2490:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s CONSERVED lagrange_multiplier %2.*Lg",
data/evolver-2.70+ds/src/dump.c:2493:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s CONSERVED lagrange_multiplier %2.15g",
data/evolver-2.70+ds/src/dump.c:2500:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s FIXED = %2.*Qg lagrange_multiplier %2.*Qg",
data/evolver-2.70+ds/src/dump.c:2503:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s FIXED = %2.*Lg lagrange_multiplier %2.*Lg",
data/evolver-2.70+ds/src/dump.c:2506:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s FIXED = %2.15g lagrange_multiplier %2.15g",
data/evolver-2.70+ds/src/dump.c:2512:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"QUANTITY %s ENERGY ",q->name); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2586:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\nCONSTRAINT %s ",con->name);
data/evolver-2.70+ds/src/dump.c:2633:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\nBOUNDARY %s PARAMETERS %d",bdry->name,bdry->pcount);
data/evolver-2.70+ds/src/eval_all.c:104:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array index %d of array %s is %d. Indexes start at 1.",
data/evolver-2.70+ds/src/eval_all.c:106:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:111:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array index %d of array %s is %d; exceeds bound of %d.",
data/evolver-2.70+ds/src/eval_all.c:113:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:374:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"%s index %d is not valid.\n",
data/evolver-2.70+ds/src/eval_all.c:377:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:412:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_all.c:415:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:435:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Can't have indexed x on %s, in %s.\n",
data/evolver-2.70+ds/src/eval_all.c:437:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:552:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:568:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:722:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:835:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:848:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:862:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1192:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_all.c:1215:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_all.c:1310:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1463:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_all.c:1466:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1471:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array index %d of array %s is %d; exceeds bound of %d.\n",
data/evolver-2.70+ds/src/eval_all.c:1473:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1533:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1552:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Bad expression eval_all() node type %d: %s.",
data/evolver-2.70+ds/src/eval_sec.c:127:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array index %d of array %s is %d. Indexes start at 1.",
data/evolver-2.70+ds/src/eval_sec.c:129:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:134:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array index %d of array %s is %d; exceeds bound of %d.",
data/evolver-2.70+ds/src/eval_sec.c:136:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:424:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"%s index %d is not valid.\n",
data/evolver-2.70+ds/src/eval_sec.c:427:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:465:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:468:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:488:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Can't have indexed x on %s, in %s.\n",
data/evolver-2.70+ds/src/eval_sec.c:490:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:604:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:628:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:643:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:657:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:684:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:711:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:718:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:769:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:853:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:869:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:886:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:961:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:979:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1005:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1180:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1215:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1233:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1407:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:1410:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1432:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:1436:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1510:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1533:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1550:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1575:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1686:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:1689:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1694:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array index %d of array %s is %d; exceeds bound of %d.\n",
data/evolver-2.70+ds/src/eval_sec.c:1696:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1758:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1771:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Bad expression eval_second() node type: %s.",
data/evolver-2.70+ds/src/eval_sec.c:1773:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:119:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:187:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:193:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:218:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:230:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:233:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:248:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:304:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:338:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:344:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:364:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:370:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:390:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:396:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:411:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:418:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:431:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:438:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:515:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:527:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:568:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:584:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:658:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:699:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:828:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:842:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:857:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot unfix \"%s\" since it is not type REAL.\n",
data/evolver-2.70+ds/src/evalmore.c:863:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:871:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s now optimizing parameter. (was not)\n",p->name);
data/evolver-2.70+ds/src/evalmore.c:873:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg,"%s now optimizing parameter. (already was)\n",p->name);
data/evolver-2.70+ds/src/evalmore.c:885:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"`%s` not found in optimizing parameter list.\n",p->name);
data/evolver-2.70+ds/src/evalmore.c:886:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:893:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s now nonoptimizing parameter. (was not)\n",p->name);
data/evolver-2.70+ds/src/evalmore.c:895:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg,"%s now nonoptimizing parameter. (already was)\n",p->name);
data/evolver-2.70+ds/src/evalmore.c:927:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:930:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:935:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:938:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1049:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1099:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1104:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:1107:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1136:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot put %s %s on a boundary since it is already on a constraint.\n",
data/evolver-2.70+ds/src/evalmore.c:1138:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1152:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"%s %s already on a different boundary.\n",
data/evolver-2.70+ds/src/evalmore.c:1154:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1182:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1209:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1264:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1296:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1311:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1325:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1335:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1377:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:1380:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1385:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Attribute %s index %d is %d; must be positive.\n",
data/evolver-2.70+ds/src/evalmore.c:1387:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1481:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1494:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1510:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1592:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1613:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1649:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1654:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:1657:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1725:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1773:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1816:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1826:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1884:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1939:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2018:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: Body %s facet list is not closed.\n",
data/evolver-2.70+ds/src/evalmore.c:2020:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2046:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2053:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2126:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open file %s. \n",s);
data/evolver-2.70+ds/src/evalmore.c:2129:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open redirection file %s.\n",s);
data/evolver-2.70+ds/src/evalmore.c:2131:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2164:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open file %s. \n",s);
data/evolver-2.70+ds/src/evalmore.c:2167:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open redirection file %s.\n",s);
data/evolver-2.70+ds/src/evalmore.c:2169:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2194:20: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
outfd = popen(s,"w");
data/evolver-2.70+ds/src/evalmore.c:2200:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open pipe %s. \n",s);
data/evolver-2.70+ds/src/evalmore.c:2203:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open pipe %s.\n",s);
data/evolver-2.70+ds/src/evalmore.c:2205:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2370:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2373:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2407:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3d. %s: %#17.15g energy: %#17.15g scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2424:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3d. %s: %#17.15g energy: %#17.15g scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2443:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3d. %s: %#17.15g energy: %#17.15g scale: %#g\n",
data/evolver-2.70+ds/src/evalmore.c:2472:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3d. %s: %#17.15g energy: %#17.15g \n",1,
data/evolver-2.70+ds/src/evalmore.c:2488:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3d. %s: %#17.15g energy: %#17.15g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2503:10: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
{ execlp("sh","sh",NULL);
data/evolver-2.70+ds/src/evalmore.c:2580:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2586:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2596:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2607:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(*(char**)(stacktop--));
data/evolver-2.70+ds/src/evalmore.c:2617:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2624:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Unable to change to directory \"%s\".\n",
data/evolver-2.70+ds/src/evalmore.c:2626:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2644:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2676:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2683:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2690:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2699:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2706:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2713:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3240:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3304:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3421:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (msg," (%s: %g)\n",ZENER_COEFF_NAME,(double)globals(zd)->value.real);
data/evolver-2.70+ds/src/evalmore.c:3422:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg," (%s not set)\n",ZENER_COEFF_NAME);
data/evolver-2.70+ds/src/evalmore.c:3463:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3614:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3646:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3670:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3715:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"1. %s: %17.15g energy: %17.15g stepsize: %g\n",
data/evolver-2.70+ds/src/evalmore.c:3797:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s",s);
data/evolver-2.70+ds/src/evalmore.c:3805:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"%s",s);
data/evolver-2.70+ds/src/evalmore.c:3900:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d; nnode->type %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3913:18: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msgspot,format,ss);
data/evolver-2.70+ds/src/evalmore.c:3917:18: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msgspot,format,(int)(*(stacktop-n+ ++formatcount)));
data/evolver-2.70+ds/src/evalmore.c:3931:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msgspot,format,(*(stacktop-n + formatcount)));
data/evolver-2.70+ds/src/evalmore.c:3939:18: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msgspot,format,0,0,0,0); /* unrecognized */
data/evolver-2.70+ds/src/evalmore.c:3947:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3966:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str,newmsg);
data/evolver-2.70+ds/src/evalmore.c:3982:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4038:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d; nnode->type %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4112:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4129:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s\n",s);
data/evolver-2.70+ds/src/evalmore.c:4221:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4228:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4414:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4446:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*ss,s);
data/evolver-2.70+ds/src/evalmore.c:4461:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(g->value.string,s);
data/evolver-2.70+ds/src/evalmore.c:4549:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Changing datatype of array '%s'. Data zeroed.\n",g->name);
data/evolver-2.70+ds/src/evalmore.c:4550:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4637:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4644:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4664:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4677:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4698:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4720:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4734:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4747:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4768:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4790:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4824:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4828:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Homothety adjustment is %s.",
data/evolver-2.70+ds/src/evalmore.c:4907:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4923:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4938:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4989:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4995:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(text_chunks[text_id].text,text);
data/evolver-2.70+ds/src/evalmore.c:5009:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5088:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5101:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5192:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5200:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Bad expression eval node type %d: %s.",
data/evolver-2.70+ds/src/evalmore.c:5203:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5705:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,enode->op1.string);
data/evolver-2.70+ds/src/evalmore.c:5710:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,enode->op5.string);
data/evolver-2.70+ds/src/evalmore.c:5771:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,enode->op1.string);
data/evolver-2.70+ds/src/evalmore.c:5869:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not unbodying edge %s since would make facet two arcs.\n",
data/evolver-2.70+ds/src/evalmore.c:5958:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Could not link edge %s onto facet %s chain.\n",
data/evolver-2.70+ds/src/evaltree.c:133:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Trying to evaluate null expression for %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:145:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:159:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(prompt_string,"Debug (\"%s\" line %d): ",ex_current.name,node->line_no);
data/evolver-2.70+ds/src/evaltree.c:179:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(prompt_string,"Debug (\"%s\" line %d): ",ex_current.name,node->line_no);
data/evolver-2.70+ds/src/evaltree.c:304:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Cannot find instruction on line %d of \"%s\".\n",
data/evolver-2.70+ds/src/evaltree.c:352:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"File %s, %s:%d\n",
data/evolver-2.70+ds/src/evaltree.c:362:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s:%d\n",frame->base_ex.name,frame->return_node->line_no);
data/evolver-2.70+ds/src/evaltree.c:364:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s\n",frame->base_ex.name);
data/evolver-2.70+ds/src/evaltree.c:378:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:469:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:511:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:533:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open datafile %s.\n",name);
data/evolver-2.70+ds/src/evaltree.c:534:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:572:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot open datafile %s.\n",name);
data/evolver-2.70+ds/src/evaltree.c:573:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:628:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:642:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:669:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:671:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:696:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:698:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:825:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(show_expr[etype]->name,"show expression for %s.",
data/evolver-2.70+ds/src/evaltree.c:874:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(g->value.proc.name, g->name);
data/evolver-2.70+ds/src/evaltree.c:884:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(g->value.proc.name, g->name);
data/evolver-2.70+ds/src/evaltree.c:899:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(g->value.proc.name, g->name);
data/evolver-2.70+ds/src/evaltree.c:924:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(g->value.proc.name, g->name);
data/evolver-2.70+ds/src/evaltree.c:952:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1106:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Bad LIST element type in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1107:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1149:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Bad refine element type in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1150:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1184:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1412:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Really strange configuration around deleted edge %s\n",
data/evolver-2.70+ds/src/evaltree.c:1414:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1451:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Bad delete element type in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1452:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1547:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:1549:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1581:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:1584:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1667:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Division by zero in %s, %s %s.\n",ex_current.name,
data/evolver-2.70+ds/src/evaltree.c:1669:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Division by zero in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1670:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1681:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Modulus base zero in %s, %s %s.\n",ex_current.name,
data/evolver-2.70+ds/src/evaltree.c:1683:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Modulus base zero in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1684:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1696:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Modulus base zero in %s, %s %s.\n",ex_current.name,
data/evolver-2.70+ds/src/evaltree.c:1698:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Modulus base zero in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1699:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1712:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Division by zero in %s, %s %s.\n",ex_current.name,
data/evolver-2.70+ds/src/evaltree.c:1714:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Division by zero in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1715:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1731:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Negative power (%d) of zero in %s, %s %s.\n",
data/evolver-2.70+ds/src/evaltree.c:1734:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Negative power (%d) of zero in %s.\n",
data/evolver-2.70+ds/src/evaltree.c:1736:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1749:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:1752:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Non-integer power of a negative number in %s.\n",
data/evolver-2.70+ds/src/evaltree.c:1754:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1801:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Square root of negative number %g in %s, %s %s.\n",(DOUBLE)(*stacktop),
data/evolver-2.70+ds/src/evaltree.c:1804:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Square root of negative number %g in %s.\n",(DOUBLE)(*stacktop),ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1805:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1861:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Acosh argument less than 1 in %s, %s %s.\n",
data/evolver-2.70+ds/src/evaltree.c:1863:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Acosh argument less than 1 in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1864:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1874:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:1878:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Atanh argument magnitude not less than 1 in %s.\n",
data/evolver-2.70+ds/src/evaltree.c:1880:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1890:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Log of zero or negative number in %s, %s %s.\n",
data/evolver-2.70+ds/src/evaltree.c:1892:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Log of zero or negative number in %s.\n",
data/evolver-2.70+ds/src/evaltree.c:1894:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1942:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Division by zero in %s, %s %s.\n",ex_current.name,
data/evolver-2.70+ds/src/evaltree.c:1944:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(errmsg,"Division by zero in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:1945:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1975:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:1978:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1998:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Can't have indexed x on %s, in %s.\n",
data/evolver-2.70+ds/src/evaltree.c:2000:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2044:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2047:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2196:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Pressure only for bodies, in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:2197:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2209:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2212:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2224:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2227:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2243:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Phase of wrong type element in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:2244:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2260:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Density of wrong type element in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:2261:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2406:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot do MIDV except in QUADRATIC model (in %s).\n",
data/evolver-2.70+ds/src/evaltree.c:2408:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2559:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2562:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2592:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2595:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2615:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2619:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2695:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2698:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2714:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2735:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2737:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2761:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:2764:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2817:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"No element for SELF to refer to in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:2818:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2852:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"%s index %d is not valid.\n",
data/evolver-2.70+ds/src/evaltree.c:2855:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2995:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3840:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3852:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3942:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3953:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot put %s %s on a boundary since it is already on a constraint.\n",
data/evolver-2.70+ds/src/evaltree.c:3955:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3962:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3975:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Cannot put %s %s on boundary %d since it is already on another boundary.\n",
data/evolver-2.70+ds/src/evaltree.c:3977:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4008:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4054:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4096:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4172:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4187:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4218:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4223:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:4226:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4337:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4365:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4451:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:4454:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4459:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array index %d of array %s is %d; exceeds bound of %d.\n",
data/evolver-2.70+ds/src/evaltree.c:4461:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4501:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4548:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:4551:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4556:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:4559:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4710:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:4713:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4718:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{sprintf(errmsg,"Array index %d of array %s is %d; exceeds bound of %d.\n",
data/evolver-2.70+ds/src/evaltree.c:4720:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4971:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),
data/evolver-2.70+ds/src/evaltree.c:5009:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5053:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*(char**)pp,s);
data/evolver-2.70+ds/src/evaltree.c:5133:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),
data/evolver-2.70+ds/src/evaltree.c:5177:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5200:24: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s,*cspot);
data/evolver-2.70+ds/src/evaltree.c:5555:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5736:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Dividing array by zero in %s.\n",ex_current.name);
data/evolver-2.70+ds/src/evaltree.c:5737:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5912:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6082:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6091:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6101:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6209:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Variable %s is read-only.\n",g->name);
data/evolver-2.70+ds/src/evaltree.c:6210:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6232:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6259:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Variable %s is read-only.\n",g->name);
data/evolver-2.70+ds/src/evaltree.c:6260:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6338:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6346:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6353:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6369:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6410:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6586:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Element index must be positive in %s.\n",ex->name);
data/evolver-2.70+ds/src/evaltree.c:6587:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6600:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has no edges.\n",ELNAME(parent));
data/evolver-2.70+ds/src/evaltree.c:6601:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6608:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge index %d exceeds valence of vertex %s.\n",
data/evolver-2.70+ds/src/evaltree.c:6610:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6622:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s has no facets.\n",ELNAME(parent));
data/evolver-2.70+ds/src/evaltree.c:6623:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6630:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6633:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6653:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6672:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s has no facets.\n",ELNAME(parent));
data/evolver-2.70+ds/src/evaltree.c:6673:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6680:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6683:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6695:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s has no facets.\n",ELNAME(parent));
data/evolver-2.70+ds/src/evaltree.c:6696:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6703:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6706:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6722:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6725:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6734:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6737:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6759:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6781:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6784:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6798:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6815:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6818:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6834:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6842:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6863:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6866:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/exprint.c:336:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"breakpoint %s ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:343:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(pos,"unset breakpoint %s ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:502:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s%d@%d\n",(inverted(node->op1.id)?" -":""),
data/evolver-2.70+ds/src/exprint.c:508:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"valid_element(%s[",typenames[node->op1.eltype]);
data/evolver-2.70+ds/src/exprint.c:529:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"matrix_inverse(%s,%s)",
data/evolver-2.70+ds/src/exprint.c:535:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"matrix_multiply(%s,%s,%s)",
data/evolver-2.70+ds/src/exprint.c:542:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"matrix_determinant(%s)",
data/evolver-2.70+ds/src/exprint.c:592:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (pos,"%s",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:599:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"/* Definition of quantity %s was originally here.*/",
data/evolver-2.70+ds/src/exprint.c:607:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,
data/evolver-2.70+ds/src/exprint.c:617:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,
data/evolver-2.70+ds/src/exprint.c:631:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,
data/evolver-2.70+ds/src/exprint.c:644:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"define %s attribute %s %s",
data/evolver-2.70+ds/src/exprint.c:661:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"define %s %s",globals(node->op1.name_id)->name,
data/evolver-2.70+ds/src/exprint.c:672:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"define %s %s",g->name,
data/evolver-2.70+ds/src/exprint.c:691:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",globals(node->op2.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:706:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",globals(node->op2.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:730:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",get_name_name(node->op2.name_id,localbase));
data/evolver-2.70+ds/src/exprint.c:789:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos," %s",get_name_name(node->op2.name_id,localbase));
data/evolver-2.70+ds/src/exprint.c:791:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,".%s",get_name_name(node->op2.name_id,localbase));
data/evolver-2.70+ds/src/exprint.c:806:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,con->name);
data/evolver-2.70+ds/src/exprint.c:838:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"set constraint %s global",
data/evolver-2.70+ds/src/exprint.c:844:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"unset constraint %s global",
data/evolver-2.70+ds/src/exprint.c:985:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"print %s ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1007:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,".%s",EXTRAS(node->op2.eltype)[node->op3.extranum].name);
data/evolver-2.70+ds/src/exprint.c:1014:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"print %s ",perm_globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1019:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"exprint %s ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1119:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos," >> \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1128:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos," >>> \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1137:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos," >>2 \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1146:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos," >>>2 \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1156:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos," | \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1215:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s %s ",keywordname(node->type),
data/evolver-2.70+ds/src/exprint.c:1221:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"optimize %s ",
data/evolver-2.70+ds/src/exprint.c:1226:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"autochop %s ",
data/evolver-2.70+ds/src/exprint.c:1231:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"logfile %s ",
data/evolver-2.70+ds/src/exprint.c:1236:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"keylogfile %s ",
data/evolver-2.70+ds/src/exprint.c:1241:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"geomview %s ",
data/evolver-2.70+ds/src/exprint.c:1246:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"geompipe %s ",
data/evolver-2.70+ds/src/exprint.c:1271:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"(%s) ",keywordname(node->op1.toggle_id));
data/evolver-2.70+ds/src/exprint.c:1276:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",keywordname(node->op1.name_id));
data/evolver-2.70+ds/src/exprint.c:1281:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1286:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ",perm_globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1291:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"fix %s",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1296:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"unfix %s",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1301:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"fix %s",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:1306:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"unfix %s",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:1311:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"set %s fixed",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:1316:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"set %s energy",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:1321:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"set %s info_only",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:1326:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"set %s conserved",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:1331:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s %s ",keywordname(node->op1.name_id),
data/evolver-2.70+ds/src/exprint.c:1493:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ",keywordname(node->type));
data/evolver-2.70+ds/src/exprint.c:1605:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ::= ",g->name);
data/evolver-2.70+ds/src/exprint.c:1606:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(pos,"%s := ",g->name);
data/evolver-2.70+ds/src/exprint.c:1618:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ::= ",perm_globals(node[node->left].op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1635:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s %s",datatype_name[node->op3.argtype],g->name);
data/evolver-2.70+ds/src/exprint.c:1642:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s(",g->name);
data/evolver-2.70+ds/src/exprint.c:1665:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"function %s %s (",datatype_name[node->op4.ret_type],
data/evolver-2.70+ds/src/exprint.c:1679:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s(",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1700:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"procedure %s (",g->name);
data/evolver-2.70+ds/src/exprint.c:1714:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"define %s %s",globals(node->op1.name_id)->name,
data/evolver-2.70+ds/src/exprint.c:1720:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.pdelta",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1734:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.pscale",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1749:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.on_assign_call := %s",g->name,
data/evolver-2.70+ds/src/exprint.c:1758:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ::= ",g->name);
data/evolver-2.70+ds/src/exprint.c:1759:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(pos,"%s := ",g->name);
data/evolver-2.70+ds/src/exprint.c:1765:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ::= ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1772:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.no_dump on ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1774:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.no_dump off ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1779:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s += ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1785:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s -= ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1791:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s *= ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1797:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s /= ",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1803:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s%s",node->op2.assigntype==PLUSPLUS_OP ? " ++" : " --",
data/evolver-2.70+ds/src/exprint.c:1809:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s%s",globals(node->op1.name_id)->name,
data/evolver-2.70+ds/src/exprint.c:1816:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"sizeof(%s)",
data/evolver-2.70+ds/src/exprint.c:1822:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"sizeof(%s)",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:1971:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"list quantity %s",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:1976:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"list method_instance %s",
data/evolver-2.70+ds/src/exprint.c:1984:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(pos,"list constraint %s",
data/evolver-2.70+ds/src/exprint.c:1999:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(pos,"list constraint %s",
data/evolver-2.70+ds/src/exprint.c:2139:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(pos," %s ",node[node->left].op5.string);
data/evolver-2.70+ds/src/exprint.c:2170:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,".%s[",typenames[node->op1.eltype]);
data/evolver-2.70+ds/src/exprint.c:2185:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s", node->op5.string);
data/evolver-2.70+ds/src/exprint.c:2238:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,get_constraint((int)(node[node->left].op1.real))->name);
data/evolver-2.70+ds/src/exprint.c:2259:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp,"constraint %s",get_constraint(node->op3.connum)->name);
data/evolver-2.70+ds/src/exprint.c:2270:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp,"boundary %s",web.boundaries[node->op3.bdrynum].name);
data/evolver-2.70+ds/src/exprint.c:2400:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(pos,"%s ",node->op5.string);
data/evolver-2.70+ds/src/exprint.c:2450:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2455:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ",METH_INSTANCE(node->op1.meth_id)->name);
data/evolver-2.70+ds/src/exprint.c:2511:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.modulus %s ",METH_INSTANCE(node->op1.meth_id)->name,
data/evolver-2.70+ds/src/exprint.c:2518:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.modulus %s ",GEN_QUANT(node->op1.quant_id)->name,
data/evolver-2.70+ds/src/exprint.c:2525:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.target %s ",GEN_QUANT(node->op1.quant_id)->name,
data/evolver-2.70+ds/src/exprint.c:2532:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.volconst %s ",GEN_QUANT(node->op1.quant_id)->name,
data/evolver-2.70+ds/src/exprint.c:2539:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.tolerance %s ",GEN_QUANT(node->op1.quant_id)->name,
data/evolver-2.70+ds/src/exprint.c:2546:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.fixed",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2551:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.energy",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2556:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.info_only",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2561:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.conserved",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2566:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.pressure",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2571:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.target",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2576:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.value",METH_INSTANCE(node->op1.meth_id)->name);
data/evolver-2.70+ds/src/exprint.c:2581:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.value",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2586:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.modulus",GEN_QUANT(node->op1.meth_id)->name);
data/evolver-2.70+ds/src/exprint.c:2591:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.modulus",GEN_QUANT(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2596:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.volconst",globals(node->op1.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:2601:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.pdelta",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:2606:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.pscale",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:2611:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.fixed",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:2616:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.p_force",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:2621:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.p_velocity",globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:2626:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s.%s",globals(node->op1.name_id)->name,
data/evolver-2.70+ds/src/exprint.c:2633:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",g->name);
data/evolver-2.70+ds/src/exprint.c:2641:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"total %s",g->name);
data/evolver-2.70+ds/src/exprint.c:2642:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(pos,"%s",g->name);
data/evolver-2.70+ds/src/exprint.c:2648:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",perm_globals(node->op1.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:2658:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",globals(node->op2.name_id)->name);
data/evolver-2.70+ds/src/exprint.c:3012:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,GEN_QUANT(node->op2.quant_id)->name);
data/evolver-2.70+ds/src/exprint.c:3018:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,METH_INSTANCE(node->op2.meth_id)->name);
data/evolver-2.70+ds/src/exprint.c:3029:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,get_constraint(node->op3.connum)->name);
data/evolver-2.70+ds/src/exprint.c:3040:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,get_constraint(node->op3.connum)->name);
data/evolver-2.70+ds/src/exprint.c:3051:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,get_constraint(node->op3.connum)->name);
data/evolver-2.70+ds/src/exprint.c:3064:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pos,web.boundaries[node->op3.bdrynum].name);
data/evolver-2.70+ds/src/exprint.c:3302:20: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ strcat(pos,con->name);
data/evolver-2.70+ds/src/exprint.c:3317:20: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
{ strcat(pos,bdry->name);
data/evolver-2.70+ds/src/exprint.c:3428:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Printing of expression node type %s (%d) unimplemented.\n",
data/evolver-2.70+ds/src/exprint.c:3458:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",op);
data/evolver-2.70+ds/src/exprint.c:3482:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s ",keyw);
data/evolver-2.70+ds/src/exprint.c:3487:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos," %s ",attrw);
data/evolver-2.70+ds/src/exprint.c:3510:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",word);
data/evolver-2.70+ds/src/exprint.c:3525:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pos,"%s",word);
data/evolver-2.70+ds/src/extern.h:854:46: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
/* || (_CrtCheckMemory() == 0 ) */ ) fprintf(stderr, \
data/evolver-2.70+ds/src/extern.h:2568:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf sprintf_s
data/evolver-2.70+ds/src/filml.c:218:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"WARNING! Zero area for facet %s.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/filml.c:225:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %s %18.15f %18.15f %18.15f\n",ELNAME(ffe),
data/evolver-2.70+ds/src/fixvol.c:493:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s hits more constraints than dimension of space.\n",
data/evolver-2.70+ds/src/fixvol.c:1038:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s hits more constraints than dimension of space.\n",
data/evolver-2.70+ds/src/fixvol.c:1305:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s hits more constraints than dimension of space.\n",
data/evolver-2.70+ds/src/gauss.c:252:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/geomgraph.c:25:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define popen _popen
data/evolver-2.70+ds/src/geomgraph.c:77:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if ( outname ) strcpy(pipename,outname);
data/evolver-2.70+ds/src/geomgraph.c:79:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(pipename,"/tmp/%s.XXXXXX",base_name);
data/evolver-2.70+ds/src/geomgraph.c:85:5: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
mktemp(pipename);
data/evolver-2.70+ds/src/geomgraph.c:113:11: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("geomview","geomview","-c","(interest (pick world))","-",NULL);
data/evolver-2.70+ds/src/geomgraph.c:135:13: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
pfd = popen(outname,"w");
data/evolver-2.70+ds/src/geomgraph.c:137:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"%s: spawn failed.\n",outname);
data/evolver-2.70+ds/src/geomgraph.c:149:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"test -p %s || (test -x /etc/mknod && /etc/mknod %s p) || (test -s /usr/sbin/mknod && /usr/sbin/mknod %s p) || (test -s /usr/bin/mkfifo && /usr/bin/mkfifo %s) || /bin/mknod %s p",
data/evolver-2.70+ds/src/geomgraph.c:151:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system(msg) != 0 )
data/evolver-2.70+ds/src/geomgraph.c:152:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Pipe creation failed for %s\n",pipename);
data/evolver-2.70+ds/src/geomgraph.c:156:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Pipe name: %s\n",pipename);
data/evolver-2.70+ds/src/geomgraph.c:201:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"rm %s",pipename);
data/evolver-2.70+ds/src/geomgraph.c:202:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(msg);
data/evolver-2.70+ds/src/glutgraph.c:90:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,\
data/evolver-2.70+ds/src/glutgraph.c:824:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ case 1: strcpy(graphics_title,td->wintitle); break;
data/evolver-2.70+ds/src/glutgraph.c:825:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
case 2: strcpy(graphics_title2,td->wintitle); break;
data/evolver-2.70+ds/src/glutgraph.c:826:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
case 3: strcpy(graphics_title3,td->wintitle); break;
data/evolver-2.70+ds/src/glutgraph.c:1075:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Picked vertex %s\n",ELNAME(my_own_pick_vertex));
data/evolver-2.70+ds/src/glutgraph.c:1082:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Picked edge %s\n",ELNAME(my_own_pick_edge));
data/evolver-2.70+ds/src/glutgraph.c:1088:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Picked facet %s\n",ELNAME(my_own_pick_facet));
data/evolver-2.70+ds/src/glutgraph.c:1761:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/glutgraph.c:2133:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title," %s (CTRL-click for right mouse button)",datafilename);
data/evolver-2.70+ds/src/graphgen.c:1185:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s endpoints are antipodal; cannot be graphed as spherical arc.\n",
data/evolver-2.70+ds/src/graphgen.c:2349:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/graphgen.c:3454:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Problem tessellating facet %s; maybe edges not counterclockwise?\n",
data/evolver-2.70+ds/src/help.c:258:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff,spot);
data/evolver-2.70+ds/src/help.c:348:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(helpfilename,strchr(line,'"')+1);
data/evolver-2.70+ds/src/help.c:351:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(info[relcount].filename,strchr(line,'"')+1);
data/evolver-2.70+ds/src/help.c:352:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info[relcount].name,sharp+1);
data/evolver-2.70+ds/src/help.c:359:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Cannot find help entry for \"%s\". \n", keyword);
data/evolver-2.70+ds/src/help.c:370:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name+6,keyword); strcat(name,"\"");
data/evolver-2.70+ds/src/help.c:395:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %-32s %s\n",info[n].name,info[n+1].name);
data/evolver-2.70+ds/src/help.c:396:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg," %-32s \n",info[n].name);
data/evolver-2.70+ds/src/help.c:534:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Cannot find help entry for \"%s\". \n", keyword);
data/evolver-2.70+ds/src/help.c:542:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %-32s %s\n",info[n].name,info[n+1].name);
data/evolver-2.70+ds/src/help.c:543:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg," %-32s \n",info[n].name);
data/evolver-2.70+ds/src/help.c:567:13: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
{ outfd = popen("more","w");
data/evolver-2.70+ds/src/help.c:585:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined element name.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:599:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined subroutine.\n\n ",keyword);
data/evolver-2.70+ds/src/help.c:603:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined procedure. Prototype:\n\n ",keyword);
data/evolver-2.70+ds/src/help.c:609:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined function. Prototype:\n\n ",keyword);
data/evolver-2.70+ds/src/help.c:615:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined string variable.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:619:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined named quantity.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:623:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined named method.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:627:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined named constraint.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:631:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined named boundary.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:635:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: dynamic load library function.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:641:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined array of type %s",
data/evolver-2.70+ds/src/help.c:654:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: user-defined array; declaration not yet executed.\n\n",
data/evolver-2.70+ds/src/help.c:661:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\n%s: user-defined optimizing parameter\n\n", keyword);
data/evolver-2.70+ds/src/help.c:663:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\n%s: user-defined parameter of type %s\n\n", keyword,
data/evolver-2.70+ds/src/help.c:666:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\n%s: user-defined parameter (numeric variable)\n\n",
data/evolver-2.70+ds/src/help.c:679:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: permanent user-defined procedure. Prototype:\n\n ",
data/evolver-2.70+ds/src/help.c:686:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: permanent user-defined function. Prototype:\n\n ",
data/evolver-2.70+ds/src/help.c:693:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: permanent user-defined string variable.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:699:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\n%s: permanent internal %s array.\n\n",keyword,
data/evolver-2.70+ds/src/help.c:701:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg,"\n%s: permanent internal variable.\n\n",keyword);
data/evolver-2.70+ds/src/help.c:707:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: permanent user-defined parameter (numeric variable)\n\n",
data/evolver-2.70+ds/src/help.c:718:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\n%s: user-defined named quantity.\n\n",g->name);
data/evolver-2.70+ds/src/help.c:731:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"\n%s: user-defined named method, belongs to quantity %s.\n\n",
data/evolver-2.70+ds/src/help.c:749:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: %s attribute, type %s, ",
data/evolver-2.70+ds/src/help.c:765:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"\n%s: reserved type name.\n\n",keyword);
data/evolver-2.70+ds/src/hessian.c:703:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"1. %s: %17.15g energy: %17.15g \n",
data/evolver-2.70+ds/src/hessian.c:864:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"1. %s: %17.15f energy: %17.15f \n",
data/evolver-2.70+ds/src/hessian.c:1106:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"1. %s: %17.15g energy: %17.15g \n",
data/evolver-2.70+ds/src/hessian.c:1183:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mname,hname);
data/evolver-2.70+ds/src/hessian.c:1189:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/hessian.c:1206:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Dumping Hessian metric upper triangle in row col value format to %s.\n", mname);
data/evolver-2.70+ds/src/hessian.c:1218:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Dumping right hand side to %s.\n",hname);
data/evolver-2.70+ds/src/hessian.c:1240:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/hessian.c:1257:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/hessian.c:1286:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/hessian.c:1307:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/hessian.c:1321:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Dumping solution vector to %s.\n",hname);
data/evolver-2.70+ds/src/hessian.c:1372:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/hessian.c:1389:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Dumping Hessian metric upper triangle to array %sM.\n", bname);
data/evolver-2.70+ds/src/hessian.c:1406:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Dumping right hand side to vector %sRHS.\n",bname);
data/evolver-2.70+ds/src/hessian.c:1430:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Dumping L factor to array %sL.\n",bname);
data/evolver-2.70+ds/src/hessian.c:1447:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Dumping diagonal factor to array %sD.\n",bname);
data/evolver-2.70+ds/src/hessian.c:1477:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Dumping constraint matrix to array %s.\n",bname);
data/evolver-2.70+ds/src/hessian.c:1503:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Dumping permutation to vector %sP.\n",bname);
data/evolver-2.70+ds/src/hessian.c:1517:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Dumping solution to vector %sS.\n",bname);
data/evolver-2.70+ds/src/hessian3.c:681:8: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
else printf(c,"Internal error, SDRV: Mysterious value of FLAG: %d\n",FLAG);
data/evolver-2.70+ds/src/include.h:455:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define popen _popen
data/evolver-2.70+ds/src/iterate.c:283:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%3d. %s: %#17.15g energy: %#17.15g scale: %#g\n",gocount,
data/evolver-2.70+ds/src/iterate.c:484:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/iterate.c:1709:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"convert_forms_to_vectors(%s %s)\n",
data/evolver-2.70+ds/src/iterate.c:1972:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Zero area star around vertex %s.\n",
data/evolver-2.70+ds/src/iterate.c:2156:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/knot2.c:467:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"More than 2 marked edges at vertex %s\n",ELNAME(e_info->id));
data/evolver-2.70+ds/src/lexinit.c:673:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(needed_version,yytext);
data/evolver-2.70+ds/src/lexinit.c:676:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"\nDatafile %s needs Evolver version at least %s. This is version %s.\n\n",datafilename,needed_version,evolver_version);
data/evolver-2.70+ds/src/lexinit.c:796:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:820:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ext->code.name,"attribute '%s' formula",name);
data/evolver-2.70+ds/src/lexinit.c:823:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:896:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:1583:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal token '%s'.\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:1680:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal token '%s'.\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:1888:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*(char**)dest,yytext);
data/evolver-2.70+ds/src/lexinit.c:2037:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"missing value for attribute %s.\n",ex->name);
data/evolver-2.70+ds/src/lexinit.c:2058:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Too many initializers for attribute %s.\n",
data/evolver-2.70+ds/src/lexinit.c:2106:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal token in initialization of attribute %s.\n",
data/evolver-2.70+ds/src/lexinit.c:2238:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' is a %s attribute, not a vertex attribute.\n",
data/evolver-2.70+ds/src/lexinit.c:2319:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal use of identifier '%s'.\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:2420:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Unexpected token: %s\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:2679:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' is a %s attribute, not an edge attribute.\n",
data/evolver-2.70+ds/src/lexinit.c:2812:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s is on constraint %s, which has an energy integral. Probably a bad idea in the string model.\n",ELNAME(elist[k]),con->name);
data/evolver-2.70+ds/src/lexinit.c:2816:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:2860:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal use of identifier '%s'.\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:2903:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Undefined quantity: %s\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:2925:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Unexpected token: %s\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:3272:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' is a %s attribute, not a facet attribute.\n",
data/evolver-2.70+ds/src/lexinit.c:3480:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal use of identifier '%s'.\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:3496:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,yytext);
data/evolver-2.70+ds/src/lexinit.c:3534:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Unexpected token: %s\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:3686:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' is a %s attribute, not a body attribute.\n",
data/evolver-2.70+ds/src/lexinit.c:3807:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal use of identifier: %s.\n",yytext);
data/evolver-2.70+ds/src/lexinit.c:3823:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Unexpected token: %s\n",yytext);
data/evolver-2.70+ds/src/lexinit2.c:138:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Redefinition of identifier '%s'.\n",yytext);
data/evolver-2.70+ds/src/lexinit2.c:173:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->value.string,yytext);
data/evolver-2.70+ds/src/lexinit2.c:196:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg, "Cannot open parameter file %s.\n",yytext);
data/evolver-2.70+ds/src/lexinit2.c:201:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->value.file.value_file,yytext);
data/evolver-2.70+ds/src/lexinit2.c:367:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Boundary name %s already used.\n",yytext);
data/evolver-2.70+ds/src/lexinit2.c:424:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Expecting PARAMETERS keyword for boundary %s.\n",bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:438:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Bad parameter count %d for boundary %s. Assuming 1.\n",
data/evolver-2.70+ds/src/lexinit2.c:444:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:490:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:499:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:503:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"boundary %s component %d",bdry->name,i+1);
data/evolver-2.70+ds/src/lexinit2.c:525:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:531:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"boundary %s energy component %d",bdry->name,i+1);
data/evolver-2.70+ds/src/lexinit2.c:535:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Missing energy components for boundary %s\n",
data/evolver-2.70+ds/src/lexinit2.c:555:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:561:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "boundary %s content component %d", bdry->name,i+1);
data/evolver-2.70+ds/src/lexinit2.c:675:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Constraint name %s already used.\n",yytext);
data/evolver-2.70+ds/src/lexinit2.c:787:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:795:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Bad function definition for constraint %s.\n",con->name);
data/evolver-2.70+ds/src/lexinit2.c:799:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"constraint %s formula",con->name);
data/evolver-2.70+ds/src/lexinit2.c:817:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:823:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"constraint %s energy component %d",con->name,i+1);
data/evolver-2.70+ds/src/lexinit2.c:827:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Missing energy components for constraint %s\n",
data/evolver-2.70+ds/src/lexinit2.c:846:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:852:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"constraint %s content component %d",con->name,i+1);
data/evolver-2.70+ds/src/lexinit2.c:1053:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "%s scalar integrand", mi->name);
data/evolver-2.70+ds/src/lexinit2.c:1099:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s vector integrand component %d",
data/evolver-2.70+ds/src/lexinit2.c:1145:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s form integrand component %d", mi->name,i+1);
data/evolver-2.70+ds/src/lexinit2.c:1167:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:1355:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s formula",GEN_QUANT(gnum)->name);
data/evolver-2.70+ds/src/lexinit2.c:1584:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:1939:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Cannot open phase boundary energy file %s.\n",phasename);
data/evolver-2.70+ds/src/lexinit2.c:2068:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(qname,"constraint_%s_energy",con->name);
data/evolver-2.70+ds/src/lexinit2.c:2069:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name,"constraint_%s_energy_inst",con->name);
data/evolver-2.70+ds/src/lexinit2.c:2249:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(formula,gformula);
data/evolver-2.70+ds/src/lexinit2.c:2272:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(formula,gformula);
data/evolver-2.70+ds/src/lexinit2.c:2331:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(formula,gformula);
data/evolver-2.70+ds/src/lexinit2.c:2367:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(qname,"boundary_%s_energy",bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:2368:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name,"boundary_%s_energy_inst",bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:2644:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_%s_meth",i,con->name);
data/evolver-2.70+ds/src/lexinit2.c:2745:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_bdry_%s_meth",i+1,bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:2980:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_%s_meth",ordinal(b_id)+1,con->name);
data/evolver-2.70+ds/src/lexinit2.c:3021:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_bdry_%s_meth",ordinal(b_id)+1,bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:3109:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_%s_meth",ordinal(b_id)+1,con->name);
data/evolver-2.70+ds/src/lexinit2.c:3171:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(b_id)+1,c->name);
data/evolver-2.70+ds/src/lexinit2.c:3182:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(b_id)+1,c->name);
data/evolver-2.70+ds/src/lexinit2.c:3224:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(b_id)+1,c->name);
data/evolver-2.70+ds/src/lexinit2.c:3233:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(b_id)+1,c->name);
data/evolver-2.70+ds/src/lexinit2.c:3252:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_bdry_%s_meth",ordinal(b_id)+1,bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:3289:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_bdry_%s_meth",ordinal(b_id)+1,bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:3296:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inst_name1,"body_%d_bdry_%s_meth",ordinal(b_id)+1,bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:3321:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(inst_name1,"body_%d_bdry_%s_meth",ordinal(b_id)+1,bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:3327:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(inst_name1,"body_%d_bdry_%s_meth",ordinal(b_id)+1,bdry->name);
data/evolver-2.70+ds/src/lexinit2.c:3368:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(volsum,((mi->modulus > 0.0) ? "+" : "+"));
data/evolver-2.70+ds/src/lexinit2.c:3369:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(volsum,mi->name);
data/evolver-2.70+ds/src/lexinit2.c:3375:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(formula,"-ambient_pressure_value*(body[%d].target*(log(%s)-log(body[%d].target))-(%s-body[%d].target))",
data/evolver-2.70+ds/src/lexinit2.c:3379:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%s formula",qname);
data/evolver-2.70+ds/src/lexinit2.c:3467:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal token \"%s\" in array initialization.\n",yytext);
data/evolver-2.70+ds/src/lexinit2.c:3587:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Forward declared constraint %s not instantiated.\n",
data/evolver-2.70+ds/src/lexinit2.c:3597:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Forward declared boundary %s not instantiated.\n",
data/evolver-2.70+ds/src/lexinit2.c:3606:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Forward declared quantity %s not instantiated.\n",
data/evolver-2.70+ds/src/lexinit2.c:3615:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Forward declared method_instance %s not instantiated.\n",
data/evolver-2.70+ds/src/lexyy.c:3665:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/matrix.c:89:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"dmatrix from %s %d.\n",file,line);
data/evolver-2.70+ds/src/matrix.c:128:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"dmatrix3 from %s %d.\n",file,line);
data/evolver-2.70+ds/src/matrix.c:198:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"dmatrix4 from %s %d.\n",file,line);
data/evolver-2.70+ds/src/matrix.c:252:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"temp_dmatrix from %s %d.\n",file,line);
data/evolver-2.70+ds/src/matrix.c:294:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"temp_dmatrix3 from %s %d.\n",file,line);
data/evolver-2.70+ds/src/matrix.c:341:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"temp_dmatrix4 from %s %d.\n",file,line);
data/evolver-2.70+ds/src/method1.c:2297:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s has %s zero.\n",ELNAME(e_info->id),
data/evolver-2.70+ds/src/method4.c:594:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s is on a CONVEX constraint at zero gradient.\n",
data/evolver-2.70+ds/src/method4.c:606:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Edge %s is on a CONVEX constraint at zero gradient.\n",
data/evolver-2.70+ds/src/method4.c:808:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"linear_elastic: Facet %s has unstrained area <= 0.\n",
data/evolver-2.70+ds/src/method4.c:1102:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"linear_elastic_B: Facet %s has unstrained area 0.\n",
data/evolver-2.70+ds/src/method4.c:1519:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"relaxed_elastic_ Facet %s has unstrained area 0.\n",
data/evolver-2.70+ds/src/method4.c:2027:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"relaxed_elastic_A: Facet %s has unstrained area 0.\n",
data/evolver-2.70+ds/src/method5.c:987:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/method5.c:1298:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"dirichlet_elastic: Facet %s has unstrained area <= 0.\n",
data/evolver-2.70+ds/src/mindeg.c:2232:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"\nERROR during MKL symbolic factorization: %s", mkl_error[-error]);
data/evolver-2.70+ds/src/mindeg.c:2301:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errmsg,"ERROR during MKL solution: %s\n", mkl_error[-error]);
data/evolver-2.70+ds/src/model.c:385:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/model.c:518:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/model.c:774:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/modify.c:119:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Could not find vertex on same boundary as facet %s.\n",
data/evolver-2.70+ds/src/modify.c:236:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Unstarring vertex %s\n",ELNAME(v_id));
data/evolver-2.70+ds/src/modify.c:243:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Unstarring failed, vertex %s is fixed.\n",
data/evolver-2.70+ds/src/modify.c:251:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Unstarring failed, vertex %s has valence %d\n",
data/evolver-2.70+ds/src/modify.c:259:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Unstarring failed, triple valence edge %s\n",
data/evolver-2.70+ds/src/modify.c:267:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Unstarring failed, triple valence edge %s\n",
data/evolver-2.70+ds/src/modify.c:275:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Unstarring failed, triple valence edge %s\n",
data/evolver-2.70+ds/src/modify.c:283:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Unstarring failed, triple valence edge %s\n",
data/evolver-2.70+ds/src/modify.c:297:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:389:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/modify.c:508:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: star_finagle() edge %s: head_valence %d != tail_valence %d\n",
data/evolver-2.70+ds/src/modify.c:617:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Refining edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/modify.c:891:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/modify.c:1216:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/modify.c:1326:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"facet_crosscut: vertices %s,%s not on facet %s\n",
data/evolver-2.70+ds/src/modify.c:1505:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/modify.c:1826:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:1905:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/modify.c:2059:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Dissolving vertex %s\n",ELNAME(v_id));
data/evolver-2.70+ds/src/modify.c:2091:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not dissolving edge %s since still on two facets.\n",
data/evolver-2.70+ds/src/modify.c:2127:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2136:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Dissolving edge %s between two facets.\n",ELNAME(e_id));
data/evolver-2.70+ds/src/modify.c:2151:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not dissolving edge %s since that would separate facet into two loops.\n",
data/evolver-2.70+ds/src/modify.c:2162:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not dissolving edge %s since still on a facet.\n",
data/evolver-2.70+ds/src/modify.c:2170:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Dissolving edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/modify.c:2383:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not dissolving facet %s since on two different bodies\n",ELNAME(f_id));
data/evolver-2.70+ds/src/modify.c:2390:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Dissolving facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/modify.c:2454:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Dissolving body %s\n",ELNAME(b_id));
data/evolver-2.70+ds/src/modify.c:2576:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2587:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2598:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2610:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2620:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2635:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2648:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/modify.c:2755:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"vertex_merge: Cannot merge %s since not at end of edge.\n",
data/evolver-2.70+ds/src/modify.c:2760:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"vertex_merge: Cannot merge %s since not at end of edge.\n",
data/evolver-2.70+ds/src/modify.c:2889:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: Bad edge loop on vertex %s.\n",
data/evolver-2.70+ds/src/modify.c:3163:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot get body agreement for merging facets %s and %s; not merging.\n",
data/evolver-2.70+ds/src/oglgraph.c:707:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex arrays require OpenGL version at least 1.1. This is %s.\n",
data/evolver-2.70+ds/src/pixgraph.c:92:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(quadname,pix_file_name);
data/evolver-2.70+ds/src/popfilm.c:363:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/popfilm.c:396:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Popping edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/popfilm.c:414:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," Propagating pop to edge %s\n",ELNAME(get_fe_edge(new_key)));
data/evolver-2.70+ds/src/popfilm.c:425:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," Propagating pop to edge %s\n",ELNAME(get_fe_edge(key_fe)));
data/evolver-2.70+ds/src/popfilm.c:1075:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Popping valence 2 edge %s on a constraint.\n",ELNAME(old_e));
data/evolver-2.70+ds/src/popfilm.c:1275:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Dissolving bare vertex %s\n",ELNAME(v_id));
data/evolver-2.70+ds/src/popfilm.c:1495:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"pop: Too many cells around vertex %s in cone_analyze().\n",
data/evolver-2.70+ds/src/popfilm.c:1508:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"pop: Too many arcs around vertex %s in cone_analyze().\n",
data/evolver-2.70+ds/src/popfilm.c:1546:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/popfilm.c:1626:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Popping vertex %s\n",ELNAME(v_id));
data/evolver-2.70+ds/src/popfilm.c:1668:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s looks like double cones but isn't.\n",
data/evolver-2.70+ds/src/popfilm.c:1975:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/popfilm.c:1982:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/popfilm.c:2455:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal: Cannot match fe_c with fe_a at vertex %s; skipping pop.\n",
data/evolver-2.70+ds/src/popfilm.c:2590:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not popping touching-triple-lines vertex %s since stable.\n",
data/evolver-2.70+ds/src/popfilm.c:2606:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Separating triple lines at vertex %s.\n",
data/evolver-2.70+ds/src/popfilm.c:2663:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Inserting new septum at vertex %s.\n",
data/evolver-2.70+ds/src/popfilm.c:2772:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:2786:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:2801:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:2824:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_tri_to_edge fails on facet %s due to outer triple edges with common endpoint.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:2831:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_tri_to_edge on facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:2848:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_tri_to_edge failed on facet %s; failed to delete edge remaining after deleting facet.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:2883:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_tri_to_edge failed after deleting facet %s; didn't find triple of edges in same direction.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:3027:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:3050:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:3060:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:3073:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:3097:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:3107:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_edge_to_tri fails on edge %s due to too many triple edges at one endpoint.\n",ELNAME(e_id));
data/evolver-2.70+ds/src/popfilm.c:3118:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_edge_to_tri fails on edge %s due to not enough triple edges at one endpoint.\n",ELNAME(e_id));
data/evolver-2.70+ds/src/popfilm.c:3127:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_edge_to_tri fails on edge %s due to both endpoints on constraints.\n",ELNAME(e_id));
data/evolver-2.70+ds/src/popfilm.c:3144:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_edge_to_tri fails on edge %s due to outer triple edges with common endpoint.\n",ELNAME(e_id));
data/evolver-2.70+ds/src/popfilm.c:3151:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_edge_to_tri on edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/popfilm.c:3224:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/popfilm.c:3379:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error after pop_vertex_to_tri edge %s, bad topology around vertex %s.\n",ELNAME(v_id),ELNAME1(get_edge_tailv(ea)));
data/evolver-2.70+ds/src/popfilm.c:3478:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/popfilm.c:3634:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error after pop_vertex_to_quad edge %s, bad topology around vertex %s.\n",ELNAME(v_id),ELNAME1(get_edge_tailv(ea)));
data/evolver-2.70+ds/src/popfilm.c:3712:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_quad_to_quad fails on facet %s since it doesn't have a triple edge.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:3726:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_quad_to_quad fails on facet %s; edge %s has valence 1.\n",ELNAME(f_id),ELNAME1(get_fe_edge(fe)));
data/evolver-2.70+ds/src/popfilm.c:3739:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_quad_to_quad fails on facet %s; edge %s valence too high.\n",ELNAME(f_id),ELNAME1(e_id));
data/evolver-2.70+ds/src/popfilm.c:3750:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_quad_to_quad fails on facet %s; didn't find quadrilateral of triple edges.\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:3784:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:3797:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_quad_to_quad fails on facet %s; too many triple edges on vertex %s.\n",ELNAME(f_id),ELNAME1(get_edge_tailv(ee_id)));
data/evolver-2.70+ds/src/popfilm.c:3807:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_quad_to_quad fails on facet %s since vertex %s doesn't have enough triple edges.\n",ELNAME(f_id),ELNAME1(get_edge_tailv(e_id)));
data/evolver-2.70+ds/src/popfilm.c:3824:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Pop_quad_to_quad fails on facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:3825:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg+strlen(msg),
data/evolver-2.70+ds/src/popfilm.c:3836:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"pop_quad_to_quad on facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/popfilm.c:3894:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/popfilm.c:4407:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error after pop_quad_to_quad facet %s, bad topology around vertex %s.\n",ELNAME(f_id),ELNAME1(get_edge_tailv(ea)));
data/evolver-2.70+ds/src/popfilm.c:4488:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Pop vertex %s fails since constraints of edge %s are not a subset of those of the vertex.\n",ELNAME(v_id),ELNAME1(e_id));
data/evolver-2.70+ds/src/popfilm.c:4498:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Too many edges around vertex %s for pop to handle.\n",
data/evolver-2.70+ds/src/popfilm.c:4510:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/popfilm.c:5432:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Can't handle over 20-valence edge %s! Sorry.\n",
data/evolver-2.70+ds/src/popfilm.c:5441:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Pop_edge_to_tri not applicable to edge %s.\n",ELNAME(e_id));
data/evolver-2.70+ds/src/psgraph.c:98:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot open %s.\n",ps_file_name);
data/evolver-2.70+ds/src/quantity.c:483:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"'%s' already declared.\n",name);
data/evolver-2.70+ds/src/quantity.c:592:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"No method '%s' exists.\n",meth_name);
data/evolver-2.70+ds/src/quantity.c:612:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Method name too long: %s\n",inst_name);
data/evolver-2.70+ds/src/quantity.c:630:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' already declared.\n",inst_name);
data/evolver-2.70+ds/src/quantity.c:680:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Method name too long: %s\n",new_inst_name);
data/evolver-2.70+ds/src/quantity.c:698:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' already declared.\n",new_inst_name);
data/evolver-2.70+ds/src/quantity.c:758:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Undefined method instance '%s'. \n",meth_name);
data/evolver-2.70+ds/src/quantity.c:795:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"%s: Sorry, but for now, a method instance can only belong to %d quantities.\n",
data/evolver-2.70+ds/src/quantity.c:802:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Sorry; method %s does not have a gradient available.\n",gm->name);
data/evolver-2.70+ds/src/quantity.c:850:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Undefined method instance '%s' on %s %s. \n",
data/evolver-2.70+ds/src/quantity.c:1014:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Quantity '%s' has no methods applying to this type element.\n",
data/evolver-2.70+ds/src/quantity.c:2533:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Method %s has no Hessian available.\n",gm->name);
data/evolver-2.70+ds/src/quantity.c:3516:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/quantity.c:3542:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s does not have a complete star (as needed by some method instance).\n",ELNAME(v_info->id));
data/evolver-2.70+ds/src/quantity.c:3566:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/quantity.c:3669:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"sq_torsion method: Must be exactly two marked edges at vertex %s\n",
data/evolver-2.70+ds/src/quantity.c:3696:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"sq_torsion method: Must be exactly two marked edges at vertex %s\n",
data/evolver-2.70+ds/src/quantity.c:3922:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Facet %s missing neighbor needed for NEED_SURROUNDING_VERTICES method.\n",
data/evolver-2.70+ds/src/quantity.c:3927:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Facet %s has too many neighbors for NEED_SURROUNDING_VERTICES method.\n",
data/evolver-2.70+ds/src/quantity.c:4072:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Method value function not implemented for %s.\n",
data/evolver-2.70+ds/src/quantity.c:4080:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Method gradient function not implemented for %s.\n",
data/evolver-2.70+ds/src/quantity.c:4088:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Quantity hessian function not implemented for %s.\n",
data/evolver-2.70+ds/src/query.c:57:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(history_space,text);
data/evolver-2.70+ds/src/query.c:298:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/query.c:383:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %36s %15d -- interrupted timing --\n",g->name,
data/evolver-2.70+ds/src/query.c:385:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf(msg," %36s %15d %20.f\n",g->name,
data/evolver-2.70+ds/src/query.c:400:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg," %30s %15.f\n",typenames[i],show_expr_table[i].elapsed_time);
data/evolver-2.70+ds/src/query.c:424:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg," %40s %15.f\n",mi->name,total_time);
data/evolver-2.70+ds/src/query.c:453:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%30s %15.f %15.f %15.f\n",b->name,coord_time,energy_time,content_time);
data/evolver-2.70+ds/src/query.c:482:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%30s %15.f %15.f %15.f\n",con->name,coord_time,energy_time,content_time);
data/evolver-2.70+ds/src/readline.c:143:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new+lastlinepos,s);
data/evolver-2.70+ds/src/simequi2.c:301:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Vertex %s inside void of facet %s\n",ELNAME(v_id),
data/evolver-2.70+ds/src/skeleton.c:190:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(bb_id)+1,con->name);
data/evolver-2.70+ds/src/skeleton.c:201:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(b_id)+1,con->name);
data/evolver-2.70+ds/src/skeleton.c:534:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"fix body volume: illegal body %s.\n",ELNAME(b_id));
data/evolver-2.70+ds/src/skeleton.c:1380:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Extra attribute \"%s\" has %d dimensions, exceeding limit of %d.\n", name,dim,MAXARRAYDIMS);
data/evolver-2.70+ds/src/skeleton.c:1944:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Too many common constraints for vertices %s and %s.\n",
data/evolver-2.70+ds/src/softimag.c:36:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_name,name);
data/evolver-2.70+ds/src/softimag.c:53:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_name,name);
data/evolver-2.70+ds/src/sqcurve2.c:524:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/sqcurve2.c:1335:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"More than 2 marked edges at vertex %s\n",ELNAME(v_info->id));
data/evolver-2.70+ds/src/sqcurve2.c:1392:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"More than 2 marked edges at vertex %s\n",ELNAME(v_info->id));
data/evolver-2.70+ds/src/sqcurve2.c:1476:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"More than 2 marked edges at vertex %s\n",ELNAME(v_info->id));
data/evolver-2.70+ds/src/sqcurve3.c:664:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/sqcurve3.c:787:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/sqcurve3.c:910:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/sqcurve3.c:1022:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/sqcurve3.c:1159:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"edge %s cosine of angle out of range in circular_willmore",
data/evolver-2.70+ds/src/storage.c:224:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Trying to allocate more %s than ID format allows, %lld\n",
data/evolver-2.70+ds/src/storage.c:557:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/storage.c:603:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/storage.c:881:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"%p %10ld %s end %p\n",hinfo._pentry,hinfo._size,
data/evolver-2.70+ds/src/storage.c:1357:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"reorder_storage: %s attribute not defined.\n",keynames[i]);
data/evolver-2.70+ds/src/storage.c:1595:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newname,"body_%d%s",newbnum,nametail);
data/evolver-2.70+ds/src/storage.c:1596:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->name,newname);
data/evolver-2.70+ds/src/storage.c:1606:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(newname,"body_%d%s",newbnum,nametail);
data/evolver-2.70+ds/src/storage.c:1607:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mi->name,newname);
data/evolver-2.70+ds/src/storage.c:1723:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Attribute %s total index is %d; maximum is %d.\n",
data/evolver-2.70+ds/src/storage.c:1728:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Attribute %s index zero or negative: %d.\n",
data/evolver-2.70+ds/src/storage.c:1921:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Trying to allocate more %s than ID format allows, %lld\n",
data/evolver-2.70+ds/src/storage.h:184:38: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME(id) (valid_id(id) ? (sprintf(elnames[0],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[0]) : "")
data/evolver-2.70+ds/src/storage.h:185:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME1(id) (valid_id(id) ? (sprintf(elnames[1],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[1]) : "")
data/evolver-2.70+ds/src/storage.h:186:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME2(id) (valid_id(id) ? (sprintf(elnames[2],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[2]) : "")
data/evolver-2.70+ds/src/storage.h:187:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME3(id) (valid_id(id) ? (sprintf(elnames[3],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[3]) : "")
data/evolver-2.70+ds/src/storage.h:188:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME4(id) (valid_id(id) ? (sprintf(elnames[4],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[4]) : "")
data/evolver-2.70+ds/src/storage.h:189:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME5(id) (valid_id(id) ? (sprintf(elnames[5],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[5]) : "")
data/evolver-2.70+ds/src/storage.h:190:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME6(id) (valid_id(id) ? (sprintf(elnames[6],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[6]) : "")
data/evolver-2.70+ds/src/storage.h:191:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME7(id) (valid_id(id) ? (sprintf(elnames[7],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[7]) : "")
data/evolver-2.70+ds/src/storage.h:192:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME8(id) (valid_id(id) ? (sprintf(elnames[8],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[8]) : "")
data/evolver-2.70+ds/src/storage.h:193:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME9(id) (valid_id(id) ? (sprintf(elnames[9],"%s%d@%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[9]) : "")
data/evolver-2.70+ds/src/storage.h:205:38: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME(id) (valid_id(id) ? (sprintf(elnames[0],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[0]) : "")
data/evolver-2.70+ds/src/storage.h:206:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME1(id) (valid_id(id) ? (sprintf(elnames[1],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[1]) : "")
data/evolver-2.70+ds/src/storage.h:207:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME2(id) (valid_id(id) ? (sprintf(elnames[2],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[2]) : "")
data/evolver-2.70+ds/src/storage.h:208:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME3(id) (valid_id(id) ? (sprintf(elnames[3],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[3]) : "")
data/evolver-2.70+ds/src/storage.h:209:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME4(id) (valid_id(id) ? (sprintf(elnames[4],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[4]) : "")
data/evolver-2.70+ds/src/storage.h:210:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME5(id) (valid_id(id) ? (sprintf(elnames[5],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[5]) : "")
data/evolver-2.70+ds/src/storage.h:211:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME6(id) (valid_id(id) ? (sprintf(elnames[6],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[6]) : "")
data/evolver-2.70+ds/src/storage.h:212:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME7(id) (valid_id(id) ? (sprintf(elnames[7],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[7]) : "")
data/evolver-2.70+ds/src/storage.h:213:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME8(id) (valid_id(id) ? (sprintf(elnames[8],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[8]) : "")
data/evolver-2.70+ds/src/storage.h:214:39: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define SELNAME9(id) (valid_id(id) ? (sprintf(elnames[9],"%s%d",(inverted(id)?"-":""),(int)((id)&OFFSETMASK)+1),elnames[9]) : "")
data/evolver-2.70+ds/src/symtable.c:103:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Duplicate name '%s' in scope.\n",name);
data/evolver-2.70+ds/src/symtable.c:447:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Name too long. Truncated to %s.\n",name);
data/evolver-2.70+ds/src/symtable.c:454:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"The name \"%s\" is already in use%s.\n",name,
data/evolver-2.70+ds/src/symtable.c:549:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Name too long. Truncated to %s.\n",name);
data/evolver-2.70+ds/src/symtable.c:556:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"The name \"%s\" is already in use%s.\n",name,
data/evolver-2.70+ds/src/symtable.c:769:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Local variable %s already declared in current block.\n",
data/evolver-2.70+ds/src/teix.c:277:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: sd_vertex_mean_curvature at vertex %s.\n",
data/evolver-2.70+ds/src/tmain.c:143:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Usage: %s [-a][-d][-e][-i][-m][-q][-w][-x][-y][-h][-V] [-f FILE]" HELP_USAGE_MULTIPROCESS " [DATAFILE]\n",
data/evolver-2.70+ds/src/tmain.c:170:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,
data/evolver-2.70+ds/src/tmain.c:190:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Surface Evolver %s, %d-bit.\n",VERSION,8*(int)sizeof(int*));
data/evolver-2.70+ds/src/tmain.c:228:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Built with %s.\n",evolver_display_short_description);
data/evolver-2.70+ds/src/tmain.c:372:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Illegal option: %s\n",argv[0]); outstring(msg);
data/evolver-2.70+ds/src/tmain.c:374:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Try '%s -h' for more information\n",evolver_invocation_short_name); outstring(msg);
data/evolver-2.70+ds/src/tmain.c:1021:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(loadfilename,name);
data/evolver-2.70+ds/src/tmain.c:1029:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Cannot open datafile %s.\n",name);
data/evolver-2.70+ds/src/tmain.c:1041:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(console_title,"Surface Evolver MPI - %s",name);
data/evolver-2.70+ds/src/tmain.c:1043:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(console_title,"Surface Evolver - %s",name);
data/evolver-2.70+ds/src/tmain.c:1321:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal negative value of vertex %s v_partition_proc: %d\n",
data/evolver-2.70+ds/src/tmain.c:1326:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s v_partition_proc %d exceeds number of threads %d\n",
data/evolver-2.70+ds/src/tmain.c:1331:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Illegal negative value of vertex %s v_partition_stage: %d\n",
data/evolver-2.70+ds/src/tmain.c:1336:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s v_partition_stage %d exceeds allowed maximum %d\n",
data/evolver-2.70+ds/src/tordup.c:401:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"2*(%s)",print_express(&torus_period_expr[m][i],' '));
data/evolver-2.70+ds/src/tordup.c:408:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"2*(%s)",print_express(&torus_display_period_expr[m][i],' '));
data/evolver-2.70+ds/src/torvol.c:104:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Base vertex of facet %s has nonzero wrap in facet_torus_volume.\n",
data/evolver-2.70+ds/src/torvol.c:154:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/evolver-2.70+ds/src/trirevis.c:660:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Weeded facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/trirevis.c:666:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Couldn't weed facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/trirevis.c:735:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Deleting facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/trirevis.c:741:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Couldn't delete facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/trirevis.c:817:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Deleted facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/trirevis.c:823:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Couldn't entirely delete facet %s\n",ELNAME(f_id));
data/evolver-2.70+ds/src/trirevis.c:1190:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not deleting edge %s since it is FIXED.\n",
data/evolver-2.70+ds/src/trirevis.c:1239:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Can't delete edge %s due to conflicting constraints, boundaries, or fixedness.\n",ELNAME(short_edge));
data/evolver-2.70+ds/src/trirevis.c:1262:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,
data/evolver-2.70+ds/src/trirevis.c:1279:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Not deleting edge %s due to axial point.\n",
data/evolver-2.70+ds/src/trirevis.c:1332:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Deleting edge %s\n",ELNAME(short_edge));
data/evolver-2.70+ds/src/trirevis.c:1396:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: Bad edge loop on vertex %s.\n",
data/evolver-2.70+ds/src/trirevis.c:1515:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/trirevis.c:1529:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Edge amenity failed second time through on edge %s\n",
data/evolver-2.70+ds/src/trirevis.c:2200:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping fixed edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/trirevis.c:2210:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping bare edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/trirevis.c:2218:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping single-facet edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/trirevis.c:2226:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s; more than two facets.\n",ELNAME(e_id));
data/evolver-2.70+ds/src/trirevis.c:2239:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s. Unequal facet densities.\n",
data/evolver-2.70+ds/src/trirevis.c:2248:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s, facets have unequal FIXED.\n",
data/evolver-2.70+ds/src/trirevis.c:2257:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s, facets have unequal NO_REFINE.\n",
data/evolver-2.70+ds/src/trirevis.c:2267:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s. Unequal edge and facet constraints.\n",
data/evolver-2.70+ds/src/trirevis.c:2277:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s. Unequal facet and edge boundaries.\n",
data/evolver-2.70+ds/src/trirevis.c:2292:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s. Would be a loop on vertex %s.\n",
data/evolver-2.70+ds/src/trirevis.c:2300:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s. Would create two facets with same vertices.\n",
data/evolver-2.70+ds/src/trirevis.c:2363:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not swapping edge %s. Would create edge with both ends axial points.\n",
data/evolver-2.70+ds/src/trirevis.c:2375:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Swapping edge %s\n",ELNAME(e_id)); outstring(msg);
data/evolver-2.70+ds/src/trirevis.c:2594:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Notching edge %s\n",ELNAME(e_id));
data/evolver-2.70+ds/src/trirevis.c:2745:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(b_id)+1,con->name);
data/evolver-2.70+ds/src/trirevis.c:2852:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"body_%d_%s_meth",ordinal(b_id)+1,con->name);
data/evolver-2.70+ds/src/userfunc.c:226:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot open dynamic library %s. Reason:\n",libname);
data/evolver-2.70+ds/src/userfunc.c:234:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dll_list[k].name,libname);
data/evolver-2.70+ds/src/userio.c:522:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot open %s.",name);
data/evolver-2.70+ds/src/userio.c:584:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot open %s.",name);
data/evolver-2.70+ds/src/userio.c:612:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_names[file_no_used],name);
data/evolver-2.70+ds/src/userio.c:701:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(warning_messages,message);
data/evolver-2.70+ds/src/userio.c:737:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Source file %s, line %d\n",
data/evolver-2.70+ds/src/userio.c:816:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(fullmsg,"\n%s Line %d:\n",
data/evolver-2.70+ds/src/userio.c:820:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullmsg,emsg);
data/evolver-2.70+ds/src/userio.c:827:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fullmsg+strlen(fullmsg),"file %s at line %d\n",
data/evolver-2.70+ds/src/userio.c:851:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(fullmsg,"\n%s Line %d:\n",
data/evolver-2.70+ds/src/userio.c:869:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(fullmsg,"\n%s Line %d:\n",
data/evolver-2.70+ds/src/userio.c:892:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(fullmsg,"\n%s Line %d:\n",
data/evolver-2.70+ds/src/userio.c:910:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(c,"called from file %s at line %d\n",
data/evolver-2.70+ds/src/userio.c:931:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(fullmsg,"\n%s Line %d:\n",
data/evolver-2.70+ds/src/userio.c:979:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(fullmsg,"\n%s Line %d:\n",
data/evolver-2.70+ds/src/userio.c:1003:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(fullmsg,"\n%s Line %d:\n",
data/evolver-2.70+ds/src/utility.c:45:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(env_EVOLVERPATH,environment_EVOLVERPATH);
data/evolver-2.70+ds/src/utility.c:63:36: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ if (*env_EVOLVERPATH == '\0') strcpy(env_EVOLVERPATH, ENVEVOLVERPATHBUILTIN );
data/evolver-2.70+ds/src/utility.c:64:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
else strcat(env_EVOLVERPATH, ENVPATHCHAR ENVEVOLVERPATHBUILTIN );
data/evolver-2.70+ds/src/utility.c:343:34: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
for ( i = 0 ; i < 22 ; i++ ) fscanf(fd,"%s",msg);
data/evolver-2.70+ds/src/utility.c:370:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%5d. %12.0f bytes at %p; %18s line %4d\n",
data/evolver-2.70+ds/src/utility.c:378:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%5d. %12.0f bytes at %p; %18s line %4d\n",
data/evolver-2.70+ds/src/utility.c:386:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%5d. %12.0f bytes at %p; %18s line %4d\n",
data/evolver-2.70+ds/src/utility.c:394:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"%5d. %12.0f bytes at %p; %18s line %4d\n",
data/evolver-2.70+ds/src/utility.c:479:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg+strlen(msg),"Requested from %s line %d\n",file,line);
data/evolver-2.70+ds/src/utility.c:552:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg+strlen(errmsg),"File %s, line %d; original alloc %s:%d\n",
data/evolver-2.70+ds/src/utility.c:572:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg+strlen(msg),"Requested from %s line %d\n",file,line);
data/evolver-2.70+ds/src/utility.c:638:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(memmsg," allocated from %s:%d\n",head->file,head->line);
data/evolver-2.70+ds/src/utility.c:662:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Internal error: Trying to free memory block of type %s from %s list.\nAllocated from %s:%d\n",
data/evolver-2.70+ds/src/utility.c:665:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Internal error: Trying to free memory block of type %s from %s list.\n",
data/evolver-2.70+ds/src/utility.c:713:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(memmsg,"Freeing %p, %d bytes, allocated at %s:%d\n",head+1,
data/evolver-2.70+ds/src/utility.c:1640:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/utility.c:1670:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/utility.c:1701:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/utility.c:2216:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/utility.c:2302:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: Can't find vertex %s in facet %s.\n",
data/evolver-2.70+ds/src/utility.c:2361:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "hessian_special_normal_vector is zero at vertex %s.\n",
data/evolver-2.70+ds/src/utility.c:3198:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(taskpath,name,this_task);
data/evolver-2.70+ds/src/utility.c:3921:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Internal error: Vertex %s edge loop not closed.\n",
data/evolver-2.70+ds/src/utility.c:3957:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/utility.c:3977:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Internal error: Vertex %s edge loop not closed.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/utility.c:4009:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Internal error: Vertex %s edge loop not closed.\n",
data/evolver-2.70+ds/src/utility.c:4250:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Internal error: get_next_vertex_facet failure v %s f %s\n",
data/evolver-2.70+ds/src/verpopst.c:297:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Pop vertex: Invalid edge at vertex %s.\n",
data/evolver-2.70+ds/src/verpopst.c:327:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"verpop: edge %s length zero. \n",
data/evolver-2.70+ds/src/verpopst.c:478:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Not splitting vertex %s since that would create two separate edge chains for facet %s\n",
data/evolver-2.70+ds/src/verpopst.c:489:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Popping vertex %s.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/verpopst.c:700:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(msg,"Popping vertex %s.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/wulff.c:82:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot open Wulff vector file %s.\n",wulffname);
data/evolver-2.70+ds/src/yexparse.c:452:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot change number of dimensions of %s\n",
data/evolver-2.70+ds/src/yexparse.c:1557:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg,"Cannot set internal variable '%s'.\n",keywordname(left));
data/evolver-2.70+ds/src/yexparse.c:1577:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' cannot be made an optimizing parameter.\n",
data/evolver-2.70+ds/src/yexparse.c:1670:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot redefine variable '%s' as a command.\n",
data/evolver-2.70+ds/src/yexparse.c:1698:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot redefine variable '%s' as a command.\n",
data/evolver-2.70+ds/src/yexparse.c:1709:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Non-permanent items in definition of %s.\n",
data/evolver-2.70+ds/src/yexparse.c:1748:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot redefine '%s' as a function.\n",g->name);
data/evolver-2.70+ds/src/yexparse.c:1800:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Function \"%s\" needs %d arguments; call has %d,\n",
data/evolver-2.70+ds/src/yexparse.c:1825:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot redefine '%s' as a function.\n",g->name);
data/evolver-2.70+ds/src/yexparse.c:1877:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Procedure \"%s\" needs %d arguments; call has %d.\n",
data/evolver-2.70+ds/src/yexparse.c:1915:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/yexparse.c:1922:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot re-declare a local fixed-size array %s.\n",
data/evolver-2.70+ds/src/yexparse.c:1928:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/yexparse.c:1935:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot change type of array %s.\n",g->name);
data/evolver-2.70+ds/src/yexparse.c:2014:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot change the number of dimensions of array %s.\n",
data/evolver-2.70+ds/src/yexparse.c:2062:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array %s should have at most %d indexes, has %d.\n",
data/evolver-2.70+ds/src/yexparse.c:2081:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Array %s should have at most %d indexes, has %d.\n",
data/evolver-2.70+ds/src/yexparse.c:2439:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/yexparse.c:2445:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Array %s is read-only.\n",g->name);
data/evolver-2.70+ds/src/yexparse.c:2464:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/yexparse.c:2529:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/yexparse.c:2552:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Variable %s is not proper type for left side of assignment.\n",g->name);
data/evolver-2.70+ds/src/yexparse.c:2573:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "Variable %s is not proper type for assignment.\n",g->name);
data/evolver-2.70+ds/src/yexparse.c:2645:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list[listtop].op5.string,symtable[left].name);
data/evolver-2.70+ds/src/yexparse.c:2945:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list[listtop].op1.string,yytext);
data/evolver-2.70+ds/src/yexparse.c:3068:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list[listtop].op1.string,yytext);
data/evolver-2.70+ds/src/yexparse.c:4107:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"'%s' attached to too many quantities. This version of Evolver permits only %d.\n",
data/evolver-2.70+ds/src/yexparse.c:4319:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Attribute %s must have %d indices.\n",
data/evolver-2.70+ds/src/yexparse.c:4340:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Attribute %s must have at most %d indices.\n",
data/evolver-2.70+ds/src/yexparse.c:4381:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/yexparse.c:4430:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Invalid extra attribute name '%s'.\n",
data/evolver-2.70+ds/src/yexparse.c:4436:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot use index with attribute '%s'.\n",ex->name);
data/evolver-2.70+ds/src/yexparse.c:4440:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Must use index with attribute '%s'.\n",ex->name);
data/evolver-2.70+ds/src/yexparse.c:4444:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Attribute '%s' has %d indexes.\n",
data/evolver-2.70+ds/src/yexparse.c:4625:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"Internal error: Unknown MAKENODE %d type %s\n",type,tokname(type));
data/evolver-2.70+ds/src/yexparse.c:4985:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"%s is a read-only attribute.\n",ex->name);
data/evolver-2.70+ds/src/yexparse.c:4993:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"%s is a read-only variable.\n",g->name);
data/evolver-2.70+ds/src/ytab.c:11142:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/evolver-2.70+ds/src/ytab.c:13674:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13686:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13698:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13710:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13722:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13734:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13746:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13758:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:13770:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14108:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "\"%s\" is a %s attribute, not %s.\n",
data/evolver-2.70+ds/src/ytab.c:14144:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg, "\"%s\" is a %s attribute, not %s.\n",
data/evolver-2.70+ds/src/ytab.c:14477:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14491:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Cannot use local variable \"%s\" as attribute.\n",
data/evolver-2.70+ds/src/ytab.c:14617:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((yyval).lexeme,(yyvsp[0]).lexeme);
data/evolver-2.70+ds/src/ytab.c:14628:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Syntax error: Unexpected new identifier '%s'.\n",(yyvsp[-1]).lexeme); /* qapo */
data/evolver-2.70+ds/src/ytab.c:14800:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
{ sprintf(errmsg, /* qaqg */
data/evolver-2.70+ds/src/ytab.c:14833:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14846:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14859:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14872:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14885:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14898:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14911:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14924:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14937:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:15193:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,"\"x\" is not a %s attribute.\n",
data/evolver-2.70+ds/src/ytab.c:15200:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"\"vertexnormal\" is vertex attribute; cannot be on %s.\n",
data/evolver-2.70+ds/src/ytab.c:15210:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"\"p\" is %s attribute; cannot be on %s.\n",
data/evolver-2.70+ds/src/ytab.c:15218:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"\"%s\" is %s attribute; cannot be on %s.\n",
data/evolver-2.70+ds/src/ytab.c:15975:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,default_name);
data/evolver-2.70+ds/src/ytab.c:15989:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,(yyvsp[0]).lexeme);
data/evolver-2.70+ds/src/ytab.c:15994:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list[(yyvsp[-1]).i].op5.string,elsym->name);
data/evolver-2.70+ds/src/ytab.c:16009:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,default_name);
data/evolver-2.70+ds/src/ytab.c:16013:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list[(yyvsp[0]).i].op5.string,default_name);
data/evolver-2.70+ds/src/ytab.c:16027:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,(yyvsp[0]).lexeme);
data/evolver-2.70+ds/src/ytab.c:16031:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list[(yyvsp[-1]).i].op5.string,elsym->name);
data/evolver-2.70+ds/src/ytab.c:16598:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"\"%s\" is not an attribute name.\n",(yyvsp[0]).lexeme); /* qayy */
data/evolver-2.70+ds/src/ytab.c:16786:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(errmsg, /* qazu */
data/evolver-2.70+ds/src/ytab.c:16813:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(errmsg, /* qazx */
data/evolver-2.70+ds/src/ytab.c:16875:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Syntax: %s ( rexpr )\n",keywordname((yyvsp[-1]).i)); /* qbai */
data/evolver-2.70+ds/src/ytab.c:16887:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Syntax: %s ( rexpr , rexpr )\n",keywordname((yyvsp[0]).i)); /* qbak */
data/evolver-2.70+ds/src/ytab.c:17548:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(set_extra_name,EXTRAS((yyval).etype)[(yyval).qnum].name); ;}
data/evolver-2.70+ds/src/ytab.c:17601:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,default_name);
data/evolver-2.70+ds/src/ytab.c:17625:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,default_name);
data/evolver-2.70+ds/src/ytab.c:17649:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,default_name);
data/evolver-2.70+ds/src/ytab.c:17674:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name,default_name);
data/evolver-2.70+ds/src/zoom.c:42:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errmsg,"Vertex %s is not valid.\n",ELNAME(v_id));
data/evolver-2.70+ds/src/bk.c:798:41: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) v[i] = drand48();
data/evolver-2.70+ds/src/bk.c:862:41: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) x[i] = drand48() - .5;
data/evolver-2.70+ds/src/bk.c:1059:41: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) x[i] = drand48() - .5;
data/evolver-2.70+ds/src/bk.c:1310:46: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) x[j][i] = drand48() - .5;
data/evolver-2.70+ds/src/bk.c:1717:41: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) V[i] = drand48();
data/evolver-2.70+ds/src/evalmore.c:654:18: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(random_seed); srand48(random_seed);
data/evolver-2.70+ds/src/extern.h:2312:16: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
void __stdcall EnterCriticalSection(void *);
data/evolver-2.70+ds/src/hessian2.c:683:49: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) w[i] = drand48() - .5;
data/evolver-2.70+ds/src/hessian2.c:767:47: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) w[i] = drand48() - .5;
data/evolver-2.70+ds/src/hessian2.c:862:40: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S.N ; i++ ) X[i] = drand48();
data/evolver-2.70+ds/src/hessian2.c:1010:41: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) w[i] = drand48() - .5;
data/evolver-2.70+ds/src/hessian2.c:1118:41: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < S->N ; i++ ) w[i] = drand48() - .5;
data/evolver-2.70+ds/src/hessian2.c:1466:57: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( j = 0 ; j < S->A_rows ; j++ ) rbasis[i][j] = drand48() - .5;
data/evolver-2.70+ds/src/include.h:109:9: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define drand48() ((REAL)rand()/RAND_MAX)
data/evolver-2.70+ds/src/include.h:110:26: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srand48(seed) srand(seed)
data/evolver-2.70+ds/src/include.h:123:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv();
data/evolver-2.70+ds/src/include.h:149:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv();
data/evolver-2.70+ds/src/include.h:210:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv();
data/evolver-2.70+ds/src/include.h:234:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
#define getenv(a) ":fe;:doc"
data/evolver-2.70+ds/src/include.h:239:9: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define drand48() ((REAL)rand()/RAND_MAX)
data/evolver-2.70+ds/src/include.h:240:26: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srand48(seed) srand(seed)
data/evolver-2.70+ds/src/include.h:271:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
#define getenv(a) ":fe;:doc;::fe;::doc;:::fe;:::doc"
data/evolver-2.70+ds/src/include.h:276:9: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define drand48() ((REAL)rand()/RAND_MAX)
data/evolver-2.70+ds/src/include.h:277:26: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srand48(seed) srand(seed)
data/evolver-2.70+ds/src/include.h:384:9: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define drand48() ((REAL)random()/0x7FFFFFFF)
data/evolver-2.70+ds/src/include.h:384:26: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define drand48() ((REAL)random()/0x7FFFFFFF)
data/evolver-2.70+ds/src/include.h:385:26: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srand48(seed) srandom(seed)
data/evolver-2.70+ds/src/include.h:411:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv();
data/evolver-2.70+ds/src/include.h:488:9: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define drand48() ((REAL)rand()/RAND_MAX)
data/evolver-2.70+ds/src/include.h:489:26: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srand48(seed) srand(seed)
data/evolver-2.70+ds/src/iterate.c:1122:34: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if ( atoi(response) != 0 ) srand(atoi(response));
data/evolver-2.70+ds/src/kusner.c:853:41: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for ( i = 0 ; i < mobN ; i++ ) B[i] = drand48(); /* random vector */
data/evolver-2.70+ds/src/lexinit.c:124:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(random_seed); srand48(random_seed);
data/evolver-2.70+ds/src/proto.h:20:9: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#ifndef drand48
data/evolver-2.70+ds/src/proto.h:21:16: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
extern double drand48(void); /* may not be in header file */
data/evolver-2.70+ds/src/readline.c:90:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env_HOME=getenv("HOME");
data/evolver-2.70+ds/src/tmain.c:450:7: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
{ InitializeCriticalSection(&thread_cs);
data/evolver-2.70+ds/src/tmain.c:451:7: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&element_cs);
data/evolver-2.70+ds/src/tmain.c:452:7: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&web_cs);
data/evolver-2.70+ds/src/tmain.c:1776:6: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
{EnterCriticalSection(element_mutex_ptr);
data/evolver-2.70+ds/src/tmain.c:1788:6: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
{EnterCriticalSection(web_mutex_ptr);
data/evolver-2.70+ds/src/userfunc.c:182:28: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
#define dlopen(name,mode) LoadLibrary(name)
data/evolver-2.70+ds/src/utility.c:30:42: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
{ const char *environment_EVOLVERPATH = getenv("EVOLVERPATH");
data/evolver-2.70+ds/src/utility.c:4440:8: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double drand48()
data/evolver-2.70+ds/src/alice.c:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[90];
data/evolver-2.70+ds/src/alice.c:50:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,"Enter center of test function (%f %f %f): ",
data/evolver-2.70+ds/src/alice.c:65:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,"Enter vector of test function (%f %f %f): ",
data/evolver-2.70+ds/src/alice.c:80:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,"Enter characteristic size of test function (%f): ",(DOUBLE)radius);
data/evolver-2.70+ds/src/alice.c:146:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Variation: %f\n",(DOUBLE)(sum/radius/radius));
data/evolver-2.70+ds/src/bk.c:375:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Degrees of freedom, %d, fewer than constraints, %d.\n",
data/evolver-2.70+ds/src/bk.c:529:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"b%d",i+1); printf("%10s",msg); }
data/evolver-2.70+ds/src/bk.c:532:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"q%d",i+1); printf("%10s",msg); }
data/evolver-2.70+ds/src/bk.c:537:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"q%d",i+1); printf("%10s",msg); }
data/evolver-2.70+ds/src/bk.c:842:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/bk.c:878:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxcount = atoi(response);
data/evolver-2.70+ds/src/bk.c:962:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:964:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:966:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g\n",count,xax);
data/evolver-2.70+ds/src/bk.c:974:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg converged\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:976:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg converged\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:978:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g converged\n",count,xax);
data/evolver-2.70+ds/src/bk.c:984:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg max iterations\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:986:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg max iterations\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:988:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g max iterations\n",count,xax);
data/evolver-2.70+ds/src/bk.c:1036:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/bk.c:1077:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxcount = atoi(response);
data/evolver-2.70+ds/src/bk.c:1182:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:1184:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:1186:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g\n",count,xax);
data/evolver-2.70+ds/src/bk.c:1194:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg converged\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:1196:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg converged\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:1198:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g converged\n",count,xax);
data/evolver-2.70+ds/src/bk.c:1205:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg max iterations\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:1207:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg max iterations\n",count,DPREC,xax);
data/evolver-2.70+ds/src/bk.c:1209:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g max iterations\n",count,xax);
data/evolver-2.70+ds/src/bk.c:1259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/bk.c:1325:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxcount = atoi(response);
data/evolver-2.70+ds/src/bk.c:1417:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%3d. ",count);
data/evolver-2.70+ds/src/bk.c:1420:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg)," %*.*Qg",DWIDTH,DPREC,evalues[2*n-1-j]);
data/evolver-2.70+ds/src/bk.c:1422:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg)," %*.*Lg",DWIDTH,DPREC,evalues[2*n-1-j]);
data/evolver-2.70+ds/src/bk.c:1424:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg)," %18.15g",evalues[2*n-1-j]);
data/evolver-2.70+ds/src/bk.c:1433:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg converged\n",count,DPREC,trxax);
data/evolver-2.70+ds/src/bk.c:1435:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg converged\n",count,DPREC,trxax);
data/evolver-2.70+ds/src/bk.c:1437:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g converged\n",count,trxax);
data/evolver-2.70+ds/src/bk.c:1443:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Qg max iterations\n",count,DPREC,trxax);
data/evolver-2.70+ds/src/bk.c:1445:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.*Lg max iterations\n",count,DPREC,trxax);
data/evolver-2.70+ds/src/bk.c:1447:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %3.17g max iterations\n",count,trxax);
data/evolver-2.70+ds/src/bk.c:1521:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Hessian solve only reduced residual from %g to %g.\n",
data/evolver-2.70+ds/src/bk.c:1677:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char response[100];
data/evolver-2.70+ds/src/bk.c:1683:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Eigencounts: %d <, %d ==, %d > \n",S->neg,S->zero,S->pos);
data/evolver-2.70+ds/src/bk.c:1702:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/bk.c:1710:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Eigencounts: %d <, %d ==, %d > \n",S->neg,S->zero,S->pos);
data/evolver-2.70+ds/src/bk.c:1721:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
its = atoi(response);
data/evolver-2.70+ds/src/bk.c:1800:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Hessian not positive definite. Index: %d\n",S->neg);
data/evolver-2.70+ds/src/boundary.c:548:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Partner of %d is %d, but partner of %d is %d.\n",
data/evolver-2.70+ds/src/boundary.c:624:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Partner of %d is %d, but partner of %d is %d.\n",
data/evolver-2.70+ds/src/check.c:138:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d freelist seems to be in a loop.\n",
data/evolver-2.70+ds/src/check.c:146:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d freelist has bad id %lX\n",type,(unsigned long)id);
data/evolver-2.70+ds/src/check.c:153:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/check.c:167:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d freelist has bad freelast %lX instead of %lX.\n",
data/evolver-2.70+ds/src/check.c:175:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d freelist has %d elements instead of %d.\n",
data/evolver-2.70+ds/src/check.c:182:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d freelist last id is non-null: %lX\n",type,
data/evolver-2.70+ds/src/check.c:208:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d usedlist has too many elements: %d.\n",
data/evolver-2.70+ds/src/check.c:216:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d usedlist has bad id %lX of type %d\n",
data/evolver-2.70+ds/src/check.c:224:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d used list id %lX has backchain %lX instead of %lX\n",
data/evolver-2.70+ds/src/check.c:235:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d usedlist has %d elements instead of %d.\n",type,usedcount,maxused);
data/evolver-2.70+ds/src/check.c:241:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d usedlist has %d elements.\n",type,usedcount);
data/evolver-2.70+ds/src/check.c:247:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Type %d usedlist last id is non-null: %lX\n",type,
data/evolver-2.70+ds/src/check.c:411:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Only %d facetedges out of %ld generated.\n",
data/evolver-2.70+ds/src/check.c:588:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Edges have %d facetedges out of %ld used.\n",
data/evolver-2.70+ds/src/check.c:686:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Facets have %d facet-edges out of %ld used.\n",
data/evolver-2.70+ds/src/check.c:715:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Facets have %d facet-edges out of %ld used.\n",
data/evolver-2.70+ds/src/check.c:857:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"\n facet %d",oid(f_id));
data/evolver-2.70+ds/src/check.c:873:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"; facet %d",oid(ff_id));
data/evolver-2.70+ds/src/cnstrnt.c:102:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg+strlen(errmsg)," Projecting on constraints ");
data/evolver-2.70+ds/src/cnstrnt.c:105:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,". Maybe redundant one-sided constraints?");
data/evolver-2.70+ds/src/cnstrnt.c:195:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg+strlen(errmsg)," Projecting on constraints ");
data/evolver-2.70+ds/src/cnstrnt.c:199:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,". Maybe redundant one-sided constraints?");
data/evolver-2.70+ds/src/cnstrnt.c:275:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg+strlen(errmsg)," Projecting on constraints ");
data/evolver-2.70+ds/src/cnstrnt.c:278:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,". Maybe redundant one-sided constraints?");
data/evolver-2.70+ds/src/command.c:146:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[140];
data/evolver-2.70+ds/src/command.c:195:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",EXTRAS(i)[k].array_spec.sizes[j]);
data/evolver-2.70+ds/src/command.c:196:57: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if ( EXTRAS(i)[k].array_spec.dim == 0 ) strcat(msg," scalar ");
data/evolver-2.70+ds/src/command.c:311:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Diffusion constant is %f. Enter new: ",
data/evolver-2.70+ds/src/command.c:329:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Gravity is now ON with gravitational constant %f.\n",
data/evolver-2.70+ds/src/command.c:331:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"Gravity is now OFF.\n");
data/evolver-2.70+ds/src/command.c:350:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/evolver-2.70+ds/src/command.c:362:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Gap constant is %f. Enter new: ",
data/evolver-2.70+ds/src/command.c:391:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter scale factor (%g): ",(DOUBLE)web.scale);
data/evolver-2.70+ds/src/command.c:399:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Scale optimizing. Enter scale limit (%g): ",(DOUBLE)web.maxscale);
data/evolver-2.70+ds/src/command.c:414:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Pressure now %f\n",(DOUBLE)web.pressure);
data/evolver-2.70+ds/src/command.c:453:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Enter target size (%g): ",
data/evolver-2.70+ds/src/command.c:470:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter temperature for jiggling (default %f): ",
data/evolver-2.70+ds/src/command.c:499:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Edges refined: %d\n",
data/evolver-2.70+ds/src/command.c:521:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Edges refined: %d\n",
data/evolver-2.70+ds/src/command.c:554:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,
data/evolver-2.70+ds/src/command.c:565:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of edges notched: %d\n",
data/evolver-2.70+ds/src/command.c:585:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Vertices popped: %d\n",web.vertex_pop_count);
data/evolver-2.70+ds/src/command.c:594:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Edges popped: %d\n",web.edge_pop_count);
data/evolver-2.70+ds/src/command.c:613:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Vertices popped: %d\n",web.vertex_pop_count);
data/evolver-2.70+ds/src/command.c:643:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Deleted edges: %d\n",
data/evolver-2.70+ds/src/command.c:676:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Edges switched in equiangulation: %d\n",
data/evolver-2.70+ds/src/command.c:715:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Skinny triangles weeded: %d\n",
data/evolver-2.70+ds/src/command.c:737:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(response);
data/evolver-2.70+ds/src/command.c:746:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter zoom vertex number (%d): ",znum);
data/evolver-2.70+ds/src/command.c:762:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter cut-off radius (%f): ",(DOUBLE)web.zoom_radius);
data/evolver-2.70+ds/src/command.c:812:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfd = fopen(response,"w");
data/evolver-2.70+ds/src/command.c:861:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Illegal command: %c. Type h for help.\n", c);
data/evolver-2.70+ds/src/command.c:884:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"refinement: %1d energy: %*.*Qg ",m,DWIDTH,DPREC,extrap_val[m]);
data/evolver-2.70+ds/src/command.c:886:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"refinement: %1d energy: %*.*Lg ",m,DWIDTH,DPREC,extrap_val[m]);
data/evolver-2.70+ds/src/command.c:888:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"refinement: %1d energy: %19.15f ",m,extrap_val[m]);
data/evolver-2.70+ds/src/command.c:896:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"extrapolation: %*.*Qg\n",DWIDTH,DPREC,ext);
data/evolver-2.70+ds/src/command.c:898:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"extrapolation: %*.*Lg\n",DWIDTH,DPREC,ext);
data/evolver-2.70+ds/src/command.c:900:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"extrapolation: %19.15f\n",ext);
data/evolver-2.70+ds/src/command.c:956:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Total time: %f\n",(DOUBLE)total_time);
data/evolver-2.70+ds/src/command.c:960:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Total energy: %*.*Qg\n",DWIDTH,DPREC,web.total_energy);
data/evolver-2.70+ds/src/command.c:962:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Total energy: %*.*Lg\n",DWIDTH,DPREC,web.total_energy);
data/evolver-2.70+ds/src/command.c:964:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Total energy: %17.15g\n",web.total_energy);
data/evolver-2.70+ds/src/command.c:970:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Gap energy: %*.*Qg\n",DWIDTH,DPREC,web.spring_energy);
data/evolver-2.70+ds/src/command.c:972:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Gap energy: %*.*Lg\n",DWIDTH,DPREC,web.spring_energy);
data/evolver-2.70+ds/src/command.c:974:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Gap energy: %17.15g\n",web.spring_energy);
data/evolver-2.70+ds/src/command.c:987:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Euclidean measure: %17.15f\n",
data/evolver-2.70+ds/src/command.c:993:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lagrange order %d (Bezier basis polynomials)\n",
data/evolver-2.70+ds/src/command.c:996:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lagrange order %d\n",web.lagrange_order);
data/evolver-2.70+ds/src/command.c:999:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Integral order 1D: %d 2D: %d\n",web.gauss1D_order,
data/evolver-2.70+ds/src/command.c:1006:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," Max normal change %4.2f\n",(DOUBLE)web.norm_check_max);
data/evolver-2.70+ds/src/command.c:1020:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Homothety ON, target size %g\n",
data/evolver-2.70+ds/src/command.c:1032:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Motion scale factor fixed at %g\n",
data/evolver-2.70+ds/src/command.c:1035:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Motion scale factor optimizing at %g; upper bound %f\n",
data/evolver-2.70+ds/src/command.c:1040:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Self similar motion is ON; coefficient %f\n,",
data/evolver-2.70+ds/src/command.c:1046:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Diffusion is ON; diffusion constant: %f\n,",
data/evolver-2.70+ds/src/command.c:1052:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Gravity is ON; gravitational constant %f.\n",
data/evolver-2.70+ds/src/command.c:1058:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Autochopping is ON; cutoff length %g.\n",
data/evolver-2.70+ds/src/command.c:1069:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Integral mean curvature is ON, modulus %g.\n",
data/evolver-2.70+ds/src/command.c:1074:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Square curvature is ON, modulus %g.\n",
data/evolver-2.70+ds/src/command.c:1087:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Jiggling is ON; temperature is %f.\n",
data/evolver-2.70+ds/src/command.c:1094:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Convexity gap constant is %f.\n",
data/evolver-2.70+ds/src/command.c:1100:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Ambient pressure: %f\n",(DOUBLE)web.pressure);
data/evolver-2.70+ds/src/command.c:1114:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Area^3/volume^2 figure of merit: %17.15f\n\n",
data/evolver-2.70+ds/src/command.c:1278:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/command.c:1290:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %-#*.*Qg\n",
data/evolver-2.70+ds/src/command.c:1293:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %-#*.*Lg\n",
data/evolver-2.70+ds/src/command.c:1296:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %-#21.15g\n",
data/evolver-2.70+ds/src/command.c:1300:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg+strlen(msg)-1," optimizing_parameter\n");
data/evolver-2.70+ds/src/command.c:1306:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",g->attr.arrayptr->sizes[k]);
data/evolver-2.70+ds/src/command.c:1310:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %1.40s\n", n+1,g->name,g->value.string);
data/evolver-2.70+ds/src/command.c:1323:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %-#*.*Qg\n", web.global_count +
data/evolver-2.70+ds/src/command.c:1326:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %-#*.*Lg\n", web.global_count +
data/evolver-2.70+ds/src/command.c:1329:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %-#21.15g\n", web.global_count +
data/evolver-2.70+ds/src/command.c:1333:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg+strlen(msg)-1," optimizing_parameter\n");
data/evolver-2.70+ds/src/command.c:1336:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %31.31s %1.40s\n", web.global_count +
data/evolver-2.70+ds/src/command.c:1441:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %-31.31s %#*.*Qg",k+1,q->name,DWIDTH,DPREC,q->value);
data/evolver-2.70+ds/src/command.c:1443:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %-31.31s %#*.*Lg",k+1,q->name,DWIDTH,DPREC,q->value);
data/evolver-2.70+ds/src/command.c:1445:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%2d. %-31.31s %#21.15g",k+1,q->name,q->value);
data/evolver-2.70+ds/src/command.c:1447:33: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if ( q->flags & Q_FIXED ) strcat(msg," fixed quantity\n");
data/evolver-2.70+ds/src/command.c:1448:39: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( q->flags & Q_ENERGY ) strcat(msg," energy quantity\n");
data/evolver-2.70+ds/src/command.c:1449:42: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( q->flags & Q_CONSERVED ) strcat(msg," conserved quantity\n");
data/evolver-2.70+ds/src/command.c:1450:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(msg," info_only quantity\n");
data/evolver-2.70+ds/src/command.c:1456:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Qg\n","target",DWIDTH,DPREC,
data/evolver-2.70+ds/src/command.c:1459:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Lg\n","target",DWIDTH,DPREC,
data/evolver-2.70+ds/src/command.c:1462:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#21.15g\n","target",q->target);
data/evolver-2.70+ds/src/command.c:1469:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Qg\n","modulus",DWIDTH,
data/evolver-2.70+ds/src/command.c:1472:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Lg\n","modulus",DWIDTH,
data/evolver-2.70+ds/src/command.c:1475:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#21.15g\n","modulus",q->modulus);
data/evolver-2.70+ds/src/command.c:1483:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Qg\n","volconst",DWIDTH,
data/evolver-2.70+ds/src/command.c:1486:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Lg\n","volconst",DWIDTH,
data/evolver-2.70+ds/src/command.c:1489:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#21.15g\n","volconst",q->volconst);
data/evolver-2.70+ds/src/command.c:1502:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %-31.31s %#*.*Qg",mi->name,DWIDTH,DPREC,mi->value);
data/evolver-2.70+ds/src/command.c:1504:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %-31.31s %#*.*Lg",mi->name,DWIDTH,DPREC,mi->value);
data/evolver-2.70+ds/src/command.c:1506:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %-31.31s %#21.15g",mi->name,mi->value);
data/evolver-2.70+ds/src/command.c:1508:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg," method instance\n");
data/evolver-2.70+ds/src/command.c:1513:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Qg\n","modulus",
data/evolver-2.70+ds/src/command.c:1516:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#*.*Lg\n","modulus",
data/evolver-2.70+ds/src/command.c:1519:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#21.15g\n","modulus",mi->modulus);
data/evolver-2.70+ds/src/command.c:1525:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %31.31s %#21.15f %10d calls\n",
data/evolver-2.70+ds/src/command.c:1528:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#21.15f %10d calls\n",
data/evolver-2.70+ds/src/command.c:1531:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %31.31s %#21.15f %10d calls\n",
data/evolver-2.70+ds/src/command.c:1551:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Method instance element setup time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1555:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Overall calc_quants time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1559:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Overall calc_quant_grads time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1563:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Overall calc_quant_hess time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1567:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Hessian solution time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1580:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," Hessian AIJ setup time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1583:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," Hessian constraint setup time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1586:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," Hessian project setup time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1589:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," Hessian factor time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1592:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," Hessian CHinvC time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1595:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," Hessian solve time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1598:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," Hessian multiplication time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1604:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"exparse time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1608:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"yyparse time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1612:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"yylex+kblex total time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1616:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"kblex time: %15.10f\n",
data/evolver-2.70+ds/src/command.c:1620:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Using processor speed of %g Hz\n",cpu_speed);
data/evolver-2.70+ds/src/curtest.c:73:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"\nPositive curvature edges: %6d\n",edgetally[2]);
data/evolver-2.70+ds/src/curtest.c:75:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Negative curvature edges: %6d\n",edgetally[0]);
data/evolver-2.70+ds/src/curtest.c:77:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Mixed curvature edges: %6d\n",edgetally[1]);
data/evolver-2.70+ds/src/curtest.c:79:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Positive curvature facets: %6d\n",facettally[2]);
data/evolver-2.70+ds/src/curtest.c:81:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Negative curvature facets: %6d\n",facettally[0]);
data/evolver-2.70+ds/src/curtest.c:83:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Mixed curvature facets: %6d\n\n",facettally[1]);
data/evolver-2.70+ds/src/display.c:28:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/display.c:32:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Inner clip radius (%g): ",(DOUBLE)inner_clip_rad);
data/evolver-2.70+ds/src/display.c:658:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/display.c:679:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"No generator '%c'.\n",*c);
data/evolver-2.70+ds/src/display.c:700:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stack[stacktop].num = atoi(c);
data/evolver-2.70+ds/src/display.c:710:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else { sprintf(errmsg,"Illegal character '%c' in transform expression.\n",
data/evolver-2.70+ds/src/dodecGroup.c:372:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy((char *)xform,(char*)yform,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/dodecGroup.c:379:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(w),(char*)x,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/dump.c:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[200];
data/evolver-2.70+ds/src/dump.c:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultname[200];
data/evolver-2.70+ds/src/dump.c:58:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(defaultname,".dmp");
data/evolver-2.70+ds/src/dump.c:95:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%d",*(int*)src);
data/evolver-2.70+ds/src/dump.c:98:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%u",*(unsigned int*)src);
data/evolver-2.70+ds/src/dump.c:101:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%d",*(char*)src);
data/evolver-2.70+ds/src/dump.c:104:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%u",*(unsigned char*)src);
data/evolver-2.70+ds/src/dump.c:107:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%d",*(short int*)src);
data/evolver-2.70+ds/src/dump.c:110:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%u",*(unsigned short int*)src);
data/evolver-2.70+ds/src/dump.c:113:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%ld",*(long int*)src);
data/evolver-2.70+ds/src/dump.c:116:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%lu",*(unsigned long int*)src);
data/evolver-2.70+ds/src/dump.c:120:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest,"\"\"");
data/evolver-2.70+ds/src/dump.c:130:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"%p",*(char**)src);
data/evolver-2.70+ds/src/dump.c:136:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"none");
data/evolver-2.70+ds/src/dump.c:142:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"none");
data/evolver-2.70+ds/src/dump.c:148:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"none");
data/evolver-2.70+ds/src/dump.c:154:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"none");
data/evolver-2.70+ds/src/dump.c:160:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest,"none");
data/evolver-2.70+ds/src/dump.c:181:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(errmsg,"Illegal datatype %d\n",type);
data/evolver-2.70+ds/src/dump.c:228:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg,"\n ");
data/evolver-2.70+ds/src/dump.c:339:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"suppress_warning %d\n",warnings_suppressed[i]);
data/evolver-2.70+ds/src/dump.c:357:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"vertices_predicted %6d\n",web.skel[VERTEX].max_ord+1);
data/evolver-2.70+ds/src/dump.c:359:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"edges_predicted %6d\n",web.skel[EDGE].max_ord+1);
data/evolver-2.70+ds/src/dump.c:361:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"facets_predicted %6d\n",web.skel[FACET].max_ord+1);
data/evolver-2.70+ds/src/dump.c:363:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"facetedges_predicted %6d\n",web.skel[FACETEDGE].max_ord+1);
data/evolver-2.70+ds/src/dump.c:365:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"bodies_predicted %6d\n",web.skel[BODY].max_ord+1);
data/evolver-2.70+ds/src/dump.c:369:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"vertices_predicted %6ld\n",web.skel[VERTEX].count+1);
data/evolver-2.70+ds/src/dump.c:371:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"edges_predicted %6ld\n",web.skel[EDGE].count+1);
data/evolver-2.70+ds/src/dump.c:373:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"facets_predicted %6ld\n",web.skel[FACET].count+1);
data/evolver-2.70+ds/src/dump.c:375:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"facetedges_predicted %6ld\n",web.skel[FACETEDGE].count+1);
data/evolver-2.70+ds/src/dump.c:377:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"bodies_predicted %6ld\n",web.skel[BODY].count+1);
data/evolver-2.70+ds/src/dump.c:380:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"quantities_predicted %6d\n",gen_quant_count);
data/evolver-2.70+ds/src/dump.c:382:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"method_instances_predicted %6d\n",meth_inst_count);
data/evolver-2.70+ds/src/dump.c:399:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"// Total energy: %2.*Qg\n",DPREC,web.total_energy);
data/evolver-2.70+ds/src/dump.c:401:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"// Total energy: %2.*Lg\n",DPREC,web.total_energy);
data/evolver-2.70+ds/src/dump.c:403:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"// Total energy: %2.15g\n",web.total_energy);
data/evolver-2.70+ds/src/dump.c:415:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"SPACE_DIMENSION %d\n",SDIM); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:418:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else { sprintf(msg,"SURFACE_DIMENSION %d\n\n",web.dimension); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:421:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, "LAGRANGE\nlagrange_order %d\n\n",web.lagrange_order);
data/evolver-2.70+ds/src/dump.c:431:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"SCALE: %2.15g FIXED\n\n",(DOUBLE)web.scale); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:433:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"SCALE: %2.15g\n\n",(DOUBLE)web.scale); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:465:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"= %2.*Qg ",DPREC,g->value.real);
data/evolver-2.70+ds/src/dump.c:468:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"= %2.*Lg ",DPREC,g->value.real);
data/evolver-2.70+ds/src/dump.c:471:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"= %2.15g ",g->value.real); outstring(msg);
data/evolver-2.70+ds/src/dump.c:477:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"pdelta = %2.*Qg ",DPREC,g->attr.varstuff.delta);
data/evolver-2.70+ds/src/dump.c:480:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"pdelta = %2.*Lg ",DPREC,g->attr.varstuff.delta);
data/evolver-2.70+ds/src/dump.c:483:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"pdelta = %2.15g ",g->attr.varstuff.delta);
data/evolver-2.70+ds/src/dump.c:491:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"pscale = %2.*Qg ",DPREC,g->attr.varstuff.pscale);
data/evolver-2.70+ds/src/dump.c:493:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"pscale = %2.*Lg ",DPREC,g->attr.varstuff.pscale);
data/evolver-2.70+ds/src/dump.c:495:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"pscale = %2.15g ",g->attr.varstuff.pscale);
data/evolver-2.70+ds/src/dump.c:514:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",a->sizes[j]);
data/evolver-2.70+ds/src/dump.c:543:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %*.*Qf ",DWIDTH,DPREC,web.torus_period[i][j]);
data/evolver-2.70+ds/src/dump.c:545:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %*.*Lf ",DWIDTH,DPREC,web.torus_period[i][j]);
data/evolver-2.70+ds/src/dump.c:547:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %18.15f ",web.torus_period[i][j]);
data/evolver-2.70+ds/src/dump.c:571:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %*.*Qf ",DWIDTH,DPREC,web.torus_display_period[i][j]);
data/evolver-2.70+ds/src/dump.c:573:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %*.*Lf ",DWIDTH,DPREC,web.torus_display_period[i][j]);
data/evolver-2.70+ds/src/dump.c:575:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %18.15f ",web.torus_display_period[i][j]);
data/evolver-2.70+ds/src/dump.c:587:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %*.*Qf ",DWIDTH,DPREC,web.display_origin[i]);
data/evolver-2.70+ds/src/dump.c:589:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %*.*Lf ",DWIDTH,DPREC,web.display_origin[i]);
data/evolver-2.70+ds/src/dump.c:591:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %18.15f ",web.display_origin[i]);
data/evolver-2.70+ds/src/dump.c:602:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"VIEW_TRANSFORM_GENERATORS %d \n",n);
data/evolver-2.70+ds/src/dump.c:619:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"VIEW_TRANSFORMS %d \n",transform_count-1);
data/evolver-2.70+ds/src/dump.c:630:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%18.15g ",(DOUBLE)view_transforms[k][i][j]);
data/evolver-2.70+ds/src/dump.c:639:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"MERIT_FACTOR: %2.15g\n\n",(DOUBLE)web.meritfactor); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:642:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"GRAVITY_CONSTANT: %2.*Qg\n\n",DPREC,web.grav_const); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:644:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"GRAVITY_CONSTANT: %2.*Lg\n\n",DPREC,web.grav_const); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:646:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"GRAVITY_CONSTANT: %2.15g\n\n",web.grav_const); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:650:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"DIFFUSION: %2.*Qg\n\n",DPREC,web.diffusion_const); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:652:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"DIFFUSION: %2.*Lg\n\n",DPREC,web.diffusion_const); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:654:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"DIFFUSION: %2.15g\n\n",web.diffusion_const); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:657:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"AUTOCHOP %2.15g\n\n",(DOUBLE)autochop_length); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:659:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"HOMOTHETY %2.15g\n\n",(DOUBLE)homothety_target); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:674:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"TOTAL_TIME %g\n\n",(DOUBLE)total_time); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:678:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"SQUARE_CURVATURE: %2.15g\n\n",
data/evolver-2.70+ds/src/dump.c:681:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"SQUARE_GAUSSIAN_CURVATURE: %2.15g\n\n",
data/evolver-2.70+ds/src/dump.c:684:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"MEAN_CURVATURE_INTEGRAL: %2.15g\n\n",
data/evolver-2.70+ds/src/dump.c:691:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"GAP_CONSTANT: %2.15g\n\n",(DOUBLE)web.spring_constant); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:693:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"AREA_NORMALIZATION \n\n"); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:695:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"JIGGLE\n\n"); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:697:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"TEMPERATURE: %2.15g\n\n",(DOUBLE)web.temperature); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:699:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"PRESSURE: %2.15g\n\n",(DOUBLE)web.pressure); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:701:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"SCALE_LIMIT: %2.15g\n\n",(DOUBLE)web.maxscale); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:703:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"INTEGRAL_ORDER_1D: %d\n\n",web.gauss1D_order); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:705:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"INTEGRAL_ORDER_2D: %d\n\n",web.gauss2D_order); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:707:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"CONSTRAINT_TOLERANCE: %2.15g\n\n",(DOUBLE)web.tolerance); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:709:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"SYMMETRIC_CONTENT\n\n"); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:718:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if ( klein_metric_flag ) { sprintf(msg,"KLEIN_METRIC\n\n"); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:720:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"CONFORMAL_METRIC\n"); outstring(msg);
data/evolver-2.70+ds/src/dump.c:726:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"METRIC\n"); outstring(msg);
data/evolver-2.70+ds/src/dump.c:752:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[j]);
data/evolver-2.70+ds/src/dump.c:754:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),
data/evolver-2.70+ds/src/dump.c:767:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%18.15f ", (DOUBLE)view[i][j]);
data/evolver-2.70+ds/src/dump.c:795:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%8.5f",(DOUBLE)clip_coeff[i][j]);
data/evolver-2.70+ds/src/dump.c:813:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%8.5f",(DOUBLE)slice_coeff[j]);
data/evolver-2.70+ds/src/dump.c:869:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"c%d: ",i+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:942:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," modulus %3.*Qg ",DPREC,mi->modulus);
data/evolver-2.70+ds/src/dump.c:944:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," modulus %3.*Lg ",DPREC,mi->modulus);
data/evolver-2.70+ds/src/dump.c:946:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," modulus %3.15g ",mi->modulus);
data/evolver-2.70+ds/src/dump.c:953:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," parameter_1 %3.*Lg ",DPREC,mi->parameter_1);
data/evolver-2.70+ds/src/dump.c:955:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," parameter_1 %3.*Lg ",DPREC,mi->parameter_1);
data/evolver-2.70+ds/src/dump.c:957:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," parameter_1 %3.15g ",mi->parameter_1);
data/evolver-2.70+ds/src/dump.c:970:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Q%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:976:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"k_vector_order %d\nvector_integrand: \n",mi->vec_order);
data/evolver-2.70+ds/src/dump.c:979:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Q%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:987:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Q%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1025:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %*.*Qg",DWIDTH,DPREC,param[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1027:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %*.*Lg",DWIDTH,DPREC,param[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1029:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %17.15g",param[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1033:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," /* ("); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1036:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %*.*Qg",DWIDTH,DPREC,x[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1038:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %*.*Lg",DWIDTH,DPREC,x[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1040:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %17.15g",x[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1042:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,") */"); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1049:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %*.*Qg",DWIDTH,DPREC,x[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1051:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %*.*Lg",DWIDTH,DPREC,x[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1053:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," %17.15g",x[i]); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1059:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," constraints "); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1066:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%d ",conmap[i]&CONMASK); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1070:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if ( attr & FIXED ) { sprintf(msg, " fixed "); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1073:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " axial_point "); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1075:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " bare "); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1077:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " no_hessian_normal "); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1173:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," wrap 0x%06lX\n",wrap);
data/evolver-2.70+ds/src/dump.c:1180:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case NEGWRAP : sprintf(msg," -"); outstring(msg); break;
data/evolver-2.70+ds/src/dump.c:1181:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0 : sprintf(msg," *"); outstring(msg); break;
data/evolver-2.70+ds/src/dump.c:1182:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case POSWRAP : sprintf(msg," +"); outstring(msg); break;
data/evolver-2.70+ds/src/dump.c:1187:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," bad"); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1193:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," wrap %ld ",wrap); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1198:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.*Qg ",DPREC,get_edge_density(e_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1200:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.*Lg ",DPREC,get_edge_density(e_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1202:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.15g ",get_edge_density(e_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1212:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," constraints "); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1219:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%d ",conmap[i]&CONMASK); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1226:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"fixed "); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1227:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if ( attr & BARE_NAKED ) { sprintf(msg," bare "); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1236:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," /*length %g*/ ",(DOUBLE)get_edge_length(e_id)); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1317:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," \\\n "); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1338:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," constraints "); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1345:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%d ",conmap[i]&CONMASK); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1352:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.*Qg ",DPREC,get_facet_density(f_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1354:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.*Lg ",DPREC,get_facet_density(f_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1356:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.15g ",get_facet_density(f_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1364:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," phase %d ",get_f_phase(f_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1372:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," opacity %f ",(DOUBLE)(*(REAL*)get_extra(f_id,opacity_attr)));
data/evolver-2.70+ds/src/dump.c:1392:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," /*area %g*/", (DOUBLE)get_facet_area(f_id)); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1448:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," \\\n "); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1486:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " volconst %1.*Qg ",DPREC,get_body_volconst(b_id));
data/evolver-2.70+ds/src/dump.c:1488:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " volconst %1.*Lg ",DPREC,get_body_volconst(b_id));
data/evolver-2.70+ds/src/dump.c:1490:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " volconst %1.15g ",get_body_volconst(b_id));
data/evolver-2.70+ds/src/dump.c:1496:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " actual_volume %1.*Qg ",DPREC,bvol);
data/evolver-2.70+ds/src/dump.c:1498:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " actual_volume %1.*Lg ",DPREC,bvol);
data/evolver-2.70+ds/src/dump.c:1500:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, " actual_volume %1.15g ",bvol);
data/evolver-2.70+ds/src/dump.c:1506:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," pressure %1.*Qg",DPREC, get_body_pressure(b_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1508:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," pressure %1.*Lg",DPREC, get_body_pressure(b_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1510:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," pressure %1.15g", get_body_pressure(b_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1515:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.*Qg ",DPREC,den); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1517:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.*Lg ",DPREC,den); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1519:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," density %1.15g ",den); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1522:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," PHASE %d ",get_b_phase(b_id)); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:1603:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultname[100];
data/evolver-2.70+ds/src/dump.c:1612:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(defaultname+strlen(defaultname),".task%d",this_task);
data/evolver-2.70+ds/src/dump.c:1614:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(defaultname,".dmp");
data/evolver-2.70+ds/src/dump.c:1620:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dumpfd = fopen(name,"w");
data/evolver-2.70+ds/src/dump.c:1883:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%c :::= {} \n",i);
data/evolver-2.70+ds/src/dump.c:1982:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%c",i);
data/evolver-2.70+ds/src/dump.c:1986:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%c :::= ",i);
data/evolver-2.70+ds/src/dump.c:2036:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,":= %2.*Qg; ",DPREC,g->value.real);
data/evolver-2.70+ds/src/dump.c:2038:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,":= %2.*Lg; ",DPREC,g->value.real);
data/evolver-2.70+ds/src/dump.c:2040:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,":= %2.15g; ",g->value.real);
data/evolver-2.70+ds/src/dump.c:2078:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",a->sizes[j]);
data/evolver-2.70+ds/src/dump.c:2099:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[k]);
data/evolver-2.70+ds/src/dump.c:2115:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"window_aspect_ratio := %18.15f\n",
data/evolver-2.70+ds/src/dump.c:2125:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," view_transforms_unique_point[%d] := %18.15f\n",i+1,
data/evolver-2.70+ds/src/dump.c:2140:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"thickness := %g\n",(double)thickness); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2142:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"hessian_slant_cutoff := %g\n",(double)hessian_slant_cutoff); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2222:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"linear_metric_mix := %2.*Qg\n",DPREC,linear_metric_mix);
data/evolver-2.70+ds/src/dump.c:2224:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"linear_metric_mix := %2.*Lg\n",DPREC,linear_metric_mix);
data/evolver-2.70+ds/src/dump.c:2226:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"linear_metric_mix := %2.15g\n",(DOUBLE)linear_metric_mix);
data/evolver-2.70+ds/src/dump.c:2239:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"target_tolerance := %2.15g\n",(DOUBLE)web.target_tolerance);
data/evolver-2.70+ds/src/dump.c:2243:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"brightness := %2.15g\n",(DOUBLE)brightness);
data/evolver-2.70+ds/src/dump.c:2320:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[400];
data/evolver-2.70+ds/src/dump.c:2330:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(name,"w");
data/evolver-2.70+ds/src/dump.c:2376:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," constraints "); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2383:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%d ",conmap[i]&CONMASK); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2387:36: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if ( get_vattr(v_id)&FIXED ) { sprintf(msg, " fixed "); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2395:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"f: %17.*Qf %17.*Qf |f| = %g\n\n",
data/evolver-2.70+ds/src/dump.c:2398:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"f: %17.*Lf %17.*Lf |f| = %g\n\n",
data/evolver-2.70+ds/src/dump.c:2401:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"f: %17.15f %17.15f |f| = %g\n\n",
data/evolver-2.70+ds/src/dump.c:2407:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"f: %17.*Qf %17.*Qf %17.*Qf |f| = %g\n\n",
data/evolver-2.70+ds/src/dump.c:2410:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"f: %17.*Lf %17.*Lf %17.*Lf |f| = %g\n\n",
data/evolver-2.70+ds/src/dump.c:2413:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"f: %17.15f %17.15f %17.15f |f| = %g\n\n",
data/evolver-2.70+ds/src/dump.c:2447:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[j]);
data/evolver-2.70+ds/src/dump.c:2517:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," tolerance %2.*Qg ",DPREC,q->tolerance); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2519:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," tolerance %2.*Lg ",DPREC,q->tolerance); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2521:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," tolerance %2.15g ",q->tolerance); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2525:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," modulus %2.*Qg ",DPREC,q->modulus); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2527:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," modulus %2.*Lg ",DPREC,q->modulus); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2529:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," modulus %2.15g ",q->modulus); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2533:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," volconst %2.*Qg ",DPREC,q->volconst); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2535:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," volconst %2.*Lg ",DPREC,q->volconst); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2537:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," volconst %2.15g ",q->volconst); outstring(msg); }
data/evolver-2.70+ds/src/dump.c:2587:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"\nCONSTRAINT %d ",cnum);
data/evolver-2.70+ds/src/dump.c:2595:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," content_rank %d\n",con->content_rank);
data/evolver-2.70+ds/src/dump.c:2606:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"E%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2614:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"C%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2634:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"\nBOUNDARY %d PARAMETERS %d",bnum,bdry->pcount);
data/evolver-2.70+ds/src/dump.c:2640:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," content_rank %d\n",bdry->content_rank);
data/evolver-2.70+ds/src/dump.c:2645:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"X%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2653:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"E%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2661:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"C%1d: ",j+1); outstring(msg);
data/evolver-2.70+ds/src/eval_all.c:551:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Divide by zero.\n");
data/evolver-2.70+ds/src/eval_all.c:567:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Modulus base zero.\n");
data/evolver-2.70+ds/src/eval_all.c:619:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Negative power (%d) of zero.\n",node->op1.intpow);
data/evolver-2.70+ds/src/eval_all.c:646:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Negative power (%f) of zero in derivative.\n",
data/evolver-2.70+ds/src/eval_all.c:652:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Nonintegral power (%f) of negative number.\n",(double)y);
data/evolver-2.70+ds/src/eval_all.c:721:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Square root of negative number %g \n",(DOUBLE)(stacktop->value));
data/evolver-2.70+ds/src/eval_all.c:833:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Log argument is %18.15f; must be positive.\n",
data/evolver-2.70+ds/src/eval_all.c:846:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Asin argument is %18.15f, magnitude greater than 1.\n",
data/evolver-2.70+ds/src/eval_all.c:860:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Acos argument is %18.15f, magnitude greater than 1.\n",
data/evolver-2.70+ds/src/eval_all.c:1309:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Can only do constraint value for vertices.\n");
data/evolver-2.70+ds/src/eval_all.c:1531:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:603:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/eval_sec.c:627:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Modulus base 0.\n");
data/evolver-2.70+ds/src/eval_sec.c:642:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Modulus base 0.\n");
data/evolver-2.70+ds/src/eval_sec.c:656:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/eval_sec.c:683:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Negative power zero.\n");
data/evolver-2.70+ds/src/eval_sec.c:709:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Negative power (%f) of zero in second derivative.\n",
data/evolver-2.70+ds/src/eval_sec.c:717:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Nonintegral power (%f) of negative number.\n",(double)y);
data/evolver-2.70+ds/src/eval_sec.c:768:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Square root of negative number %g.\n",(DOUBLE)(stacktop->value));
data/evolver-2.70+ds/src/eval_sec.c:852:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Log of nonpositive number.\n");
data/evolver-2.70+ds/src/eval_sec.c:868:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Asin argument magnitude greater than 1.\n");
data/evolver-2.70+ds/src/eval_sec.c:885:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Acos argument magnitude greater than 1.\n");
data/evolver-2.70+ds/src/eval_sec.c:960:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Acosh argument less than 1.\n");
data/evolver-2.70+ds/src/eval_sec.c:978:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Atanh argument magnitude greater than 1.\n");
data/evolver-2.70+ds/src/eval_sec.c:1004:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/eval_sec.c:1179:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,"Pressure only for bodies.\n");
data/evolver-2.70+ds/src/eval_sec.c:1214:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,"Phase of wrong type element.\n");
data/evolver-2.70+ds/src/eval_sec.c:1232:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,"Density of wrong type element.\n");
data/evolver-2.70+ds/src/eval_sec.c:1508:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:1531:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:1549:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Can only do constraint value for vertices.\n");
data/evolver-2.70+ds/src/eval_sec.c:1573:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,
data/evolver-2.70+ds/src/eval_sec.c:1756:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:117:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:186:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid tail vertex %d in new_edge.\n",v1);
data/evolver-2.70+ds/src/evalmore.c:192:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid head vertex %d in new_edge.\n",v2);
data/evolver-2.70+ds/src/evalmore.c:217:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Invalid edge %g in new_facet.\n",(double)stacktop[-i]);
data/evolver-2.70+ds/src/evalmore.c:246:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:303:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Invalid vertex %d in new_facet.\n",(int)stacktop[-i]);
data/evolver-2.70+ds/src/evalmore.c:337:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid first vertex %d in vertex_merge.\n",v1);
data/evolver-2.70+ds/src/evalmore.c:343:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid second vertex %d in vertex_merge.\n",v2);
data/evolver-2.70+ds/src/evalmore.c:363:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid first edge %d in edge_merge.\n",e1);
data/evolver-2.70+ds/src/evalmore.c:369:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid second edge %d in edge_merge.\n",e2);
data/evolver-2.70+ds/src/evalmore.c:389:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid first facet %d in facet_merge.\n",f1);
data/evolver-2.70+ds/src/evalmore.c:395:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid second facet %d in facet_merge.\n",f2);
data/evolver-2.70+ds/src/evalmore.c:409:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:416:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:429:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:436:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:513:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Cannot set random. Set random_seed instead.\n");
data/evolver-2.70+ds/src/evalmore.c:525:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal: illegal variable number %d.\n",
data/evolver-2.70+ds/src/evalmore.c:566:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Brightness is %f; must be between 0 and 1.\n",
data/evolver-2.70+ds/src/evalmore.c:583:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"hessian_epsilon is negative!\n");
data/evolver-2.70+ds/src/evalmore.c:642:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "Illegal value %d for bounding_box_color.\n",(int)val);
data/evolver-2.70+ds/src/evalmore.c:656:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case V_RANDOM: sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:697:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal: illegal internal variable number %d.\n",
data/evolver-2.70+ds/src/evalmore.c:735:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"New edges: %d\n",web.facet_refine_count = skinny(*(stacktop--)));
data/evolver-2.70+ds/src/evalmore.c:827:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Cannot set body volume to ENERGY.\n");
data/evolver-2.70+ds/src/evalmore.c:841:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Cannot set body volume to CONSERVED.\n");
data/evolver-2.70+ds/src/evalmore.c:862:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Too many optimizing parameters. Increase MAXOPTPARAM in extern.h and recompile.\n");
data/evolver-2.70+ds/src/evalmore.c:1048:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Must unset body pressure before fixing target.\n");
data/evolver-2.70+ds/src/evalmore.c:1098:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Illegal constraint number: %d.\n",con);
data/evolver-2.70+ds/src/evalmore.c:1132:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Boundary %d is not valid.\n",k);
data/evolver-2.70+ds/src/evalmore.c:1181:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Bad element type for boundary.\n");
data/evolver-2.70+ds/src/evalmore.c:1208:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Cannot have negative \"original\" attribute.\n");
data/evolver-2.70+ds/src/evalmore.c:1261:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:1294:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Parameter number is %d; maximum is %d.\n",
data/evolver-2.70+ds/src/evalmore.c:1310:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Parameter index too high.\n");
data/evolver-2.70+ds/src/evalmore.c:1324:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid body in SET FRONTBODY or BACKBODY.\n");
data/evolver-2.70+ds/src/evalmore.c:1334:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Unhandled SET attribute %d\n",node->op2.attr_kind);
data/evolver-2.70+ds/src/evalmore.c:1480:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Illegal assignment operation on element id attribute.\n");
data/evolver-2.70+ds/src/evalmore.c:1493:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Illegal assignment operation on pointer attribute.\n");
data/evolver-2.70+ds/src/evalmore.c:1509:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Illegal assignment operation on attribute.\n");
data/evolver-2.70+ds/src/evalmore.c:1591:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Must unset body pressure before fixing target.\n");
data/evolver-2.70+ds/src/evalmore.c:1612:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Must unset body target before fixing pressure.\n");
data/evolver-2.70+ds/src/evalmore.c:1648:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Illegal constraint number: %d.\n",con);
data/evolver-2.70+ds/src/evalmore.c:1722:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:1771:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Parameter number is %d; maximum is %d.\n",
data/evolver-2.70+ds/src/evalmore.c:1815:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid body in SET FRONTBODY or BACKBODY.\n");
data/evolver-2.70+ds/src/evalmore.c:1825:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Unhandled SET attribute %d\n",node->op2.attr_kind);
data/evolver-2.70+ds/src/evalmore.c:1883:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Can't do body vertices yet.\n");
data/evolver-2.70+ds/src/evalmore.c:1938:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Can't do body edges yet.\n");
data/evolver-2.70+ds/src/evalmore.c:2045:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Can't do vertex bodies yet.\n");
data/evolver-2.70+ds/src/evalmore.c:2052:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Can't do edge bodies yet.\n");
data/evolver-2.70+ds/src/evalmore.c:2104:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d) ",history_number-k); outstring(msg);
data/evolver-2.70+ds/src/evalmore.c:2121:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfd = fopen(s,"w");
data/evolver-2.70+ds/src/evalmore.c:2122:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else outfd = fopen(s,"a");
data/evolver-2.70+ds/src/evalmore.c:2159:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
erroutfd = fopen(s,"w");
data/evolver-2.70+ds/src/evalmore.c:2160:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else erroutfd = fopen(s,"a");
data/evolver-2.70+ds/src/evalmore.c:2189:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfd = fopen(s+1,"a+");
data/evolver-2.70+ds/src/evalmore.c:2192:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfd = fopen(s,"w");
data/evolver-2.70+ds/src/evalmore.c:2401:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Qg scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2404:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Lg scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2418:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Qg scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2421:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Lg scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2437:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Qg scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2440:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Lg scale: %#g\n",gocount,
data/evolver-2.70+ds/src/evalmore.c:2466:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Qg \n",1,
data/evolver-2.70+ds/src/evalmore.c:2469:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Lg \n",1,
data/evolver-2.70+ds/src/evalmore.c:2482:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Qg \n",gocount, DWIDTH,
data/evolver-2.70+ds/src/evalmore.c:2485:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Lg \n",gocount, DWIDTH,
data/evolver-2.70+ds/src/evalmore.c:2578:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Node number %d exceeds maximum node number, %d.\n",
data/evolver-2.70+ds/src/evalmore.c:2585:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Node number %d is negative!\n", task);
data/evolver-2.70+ds/src/evalmore.c:2595:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Node_exec node number must be 0 for non-MPI Evolver.\n");
data/evolver-2.70+ds/src/evalmore.c:2614:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Unable to change directory. \n");
data/evolver-2.70+ds/src/evalmore.c:2616:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Try using \\\\ or / instead of \\.\n");
data/evolver-2.70+ds/src/evalmore.c:2642:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2674:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2681:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2688:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2697:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2704:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2711:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:2823:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/evalmore.c:2984:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Enter unit normal weight factor(%g): ",
data/evolver-2.70+ds/src/evalmore.c:3013:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of vertices popped: %d\n",
data/evolver-2.70+ds/src/evalmore.c:3016:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of vertices popped: %d\n",
data/evolver-2.70+ds/src/evalmore.c:3044:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Autochopping ON. Chop length %g ",(DOUBLE)autochop_length);
data/evolver-2.70+ds/src/evalmore.c:3238:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:3302:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:3462:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"This Evolver not compiled with BLAS.\n");
data/evolver-2.70+ds/src/evalmore.c:3613:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"hessian_special_normal_vector not set.\n");
data/evolver-2.70+ds/src/evalmore.c:3644:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:3668:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:3709:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %*.*Qg stepsize: %g\n",DWIDTH,DPREC,
data/evolver-2.70+ds/src/evalmore.c:3712:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %*.*Lg stepsize: %g\n",DWIDTH,DPREC,
data/evolver-2.70+ds/src/evalmore.c:3746:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char **)stacktop)[nn] = transform_expr;
data/evolver-2.70+ds/src/evalmore.c:3755:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char **)stacktop)[nn] = datafilename;
data/evolver-2.70+ds/src/evalmore.c:3764:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char **)stacktop)[nn] = warning_messages;
data/evolver-2.70+ds/src/evalmore.c:3774:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char **)stacktop)[nn] = node->op1.string;
data/evolver-2.70+ds/src/evalmore.c:3818:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char format[1000];
data/evolver-2.70+ds/src/evalmore.c:3896:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:3899:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Possibly % not followed by legal format?\n");
data/evolver-2.70+ds/src/evalmore.c:3929:21: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msgspot,"(NaN)");
data/evolver-2.70+ds/src/evalmore.c:3944:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:3975:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char format[1000];
data/evolver-2.70+ds/src/evalmore.c:3981:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "binary_printf: you must set 'big_endian' or 'little_endian' toggles.");
data/evolver-2.70+ds/src/evalmore.c:4034:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:4037:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Possibly % not followed by legal format?\n");
data/evolver-2.70+ds/src/evalmore.c:4054:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[4];
data/evolver-2.70+ds/src/evalmore.c:4065:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[2];
data/evolver-2.70+ds/src/evalmore.c:4079:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[8];
data/evolver-2.70+ds/src/evalmore.c:4091:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[4];
data/evolver-2.70+ds/src/evalmore.c:4104:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"binary_printf format string has unrecognized format character '%c'\n",f[-1]);
data/evolver-2.70+ds/src/evalmore.c:4109:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:4134:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%*.*Qg\n",DWIDTH,DPREC,*(stacktop--));
data/evolver-2.70+ds/src/evalmore.c:4136:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%*.*Lg\n",DWIDTH,DPREC,*(stacktop--));
data/evolver-2.70+ds/src/evalmore.c:4138:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%20.15g\n",*(stacktop--));
data/evolver-2.70+ds/src/evalmore.c:4160:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else { sprintf(msg,"%c",node->op1.letter); outstring(msg);}
data/evolver-2.70+ds/src/evalmore.c:4188:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%*.*Qg\n",DWIDTH,DPREC,*stacktop);
data/evolver-2.70+ds/src/evalmore.c:4190:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%*.*Lg\n",DWIDTH,DPREC,*stacktop);
data/evolver-2.70+ds/src/evalmore.c:4192:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%20.15g\n",*stacktop);
data/evolver-2.70+ds/src/evalmore.c:4220:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Notching not implemented for simplex representation.\n");
data/evolver-2.70+ds/src/evalmore.c:4227:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Notching angle not positive.\n");
data/evolver-2.70+ds/src/evalmore.c:4233:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"refine edge ee where max(ee.vertex,dihedral) > %f",
data/evolver-2.70+ds/src/evalmore.c:4240:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of edges notched: %d\n",web.notch_count);
data/evolver-2.70+ds/src/evalmore.c:4281:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Skinny triangles weeded: %d\n",
data/evolver-2.70+ds/src/evalmore.c:4314:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Deleted edges: %d\n",
data/evolver-2.70+ds/src/evalmore.c:4323:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Scale fixed at %g.\n",(DOUBLE)web.scale);
data/evolver-2.70+ds/src/evalmore.c:4324:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"Scale optimizing with bound %g.\n",(DOUBLE)web.maxscale);
data/evolver-2.70+ds/src/evalmore.c:4331:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Scale optimizing with bound %g.\n",(DOUBLE)web.maxscale);
data/evolver-2.70+ds/src/evalmore.c:4338:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Scale fixed at %g.\n",(DOUBLE)web.scale);
data/evolver-2.70+ds/src/evalmore.c:4353:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Gravity is now ON with gravitational constant %g.",
data/evolver-2.70+ds/src/evalmore.c:4358:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Gravity is now OFF.");
data/evolver-2.70+ds/src/evalmore.c:4404:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,
data/evolver-2.70+ds/src/evalmore.c:4412:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:4427:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"New edges: %d\n",
data/evolver-2.70+ds/src/evalmore.c:4601:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(*array_info)+(*array_info)->datastart
data/evolver-2.70+ds/src/evalmore.c:4636:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Zoom vertex %d not found.\n",vnum);
data/evolver-2.70+ds/src/evalmore.c:4643:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Zoom vertex not found.\n");
data/evolver-2.70+ds/src/evalmore.c:4662:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:4676:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evalmore.c:4697:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evalmore.c:4719:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evalmore.c:4733:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Tolerance must be positive.\n");
data/evolver-2.70+ds/src/evalmore.c:4746:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evalmore.c:4767:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evalmore.c:4789:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evalmore.c:4823:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Cannot do homothety without bodies.\n");
data/evolver-2.70+ds/src/evalmore.c:4833:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Enter target size (%g): ",(DOUBLE)homothety_target);
data/evolver-2.70+ds/src/evalmore.c:4892:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Ambient pressure ON; ambient pressure = %2.15g\n",
data/evolver-2.70+ds/src/evalmore.c:4898:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Ambient pressure OFF.\n");
data/evolver-2.70+ds/src/evalmore.c:4906:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"effective_area only for dimension 3.\n");
data/evolver-2.70+ds/src/evalmore.c:4922:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Normal_curvature only for dimension 3.\n");
data/evolver-2.70+ds/src/evalmore.c:4937:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Div_normal_curvature only for dimension 3.\n");
data/evolver-2.70+ds/src/evalmore.c:4988:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Too many display texts.\n");
data/evolver-2.70+ds/src/evalmore.c:5008:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Text id must be between 1 and %d.\n",MAXTEXTS);
data/evolver-2.70+ds/src/evalmore.c:5024:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"New bodies: %d\n",rebody());
data/evolver-2.70+ds/src/evalmore.c:5026:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Merged bodies: %d\n",merge_bodies());
data/evolver-2.70+ds/src/evalmore.c:5087:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"There are no bodies to display connectedly.\n");
data/evolver-2.70+ds/src/evalmore.c:5099:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evalmore.c:5191:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"make_thread_lists: stage and proc attributes don't exist.\n");
data/evolver-2.70+ds/src/evalmore.c:5206:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg+strlen(errmsg),"(appears to be corrupt node)\n");
data/evolver-2.70+ds/src/evalmore.c:5345:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: Toggle value omitted for toggle %d.\n",tog);
data/evolver-2.70+ds/src/evalmore.c:5661:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal: illegal variable number %d.\n",vartok);
data/evolver-2.70+ds/src/evalmore.c:5698:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(dest->start+2),(char*)enode,count*sizeof(struct treenode));
data/evolver-2.70+ds/src/evalmore.c:5719:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(locals->list,enode->op5.locals->list,enode->op5.locals->count*
data/evolver-2.70+ds/src/evalmore.c:5764:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(dest->start+2),(char*)enode,count*sizeof(struct treenode));
data/evolver-2.70+ds/src/evalmore.c:5841:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Trying to set body of wrong type element.\n");
data/evolver-2.70+ds/src/evalmore.c:5908:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:144:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error in eval(): no frame setup\n");
data/evolver-2.70+ds/src/evaltree.c:153:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char prompt_string[100];
data/evolver-2.70+ds/src/evaltree.c:161:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(prompt_string,"Debug command(%d): ",subshell_depth);
data/evolver-2.70+ds/src/evaltree.c:173:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char prompt_string[100];
data/evolver-2.70+ds/src/evaltree.c:181:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(prompt_string,"Debug command(%d): ",subshell_depth);
data/evolver-2.70+ds/src/evaltree.c:263:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char prompt_string[100];
data/evolver-2.70+ds/src/evaltree.c:275:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(prompt_string,"Subcommand(%d): ",subshell_depth);
data/evolver-2.70+ds/src/evaltree.c:377:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"free_discards called inside element loop. Ignored.\n");
data/evolver-2.70+ds/src/evaltree.c:438:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,
data/evolver-2.70+ds/src/evaltree.c:467:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:510:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Can't reload in a subcommand.\n");
data/evolver-2.70+ds/src/evaltree.c:627:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Can't reload in a subcommand.\n");
data/evolver-2.70+ds/src/evaltree.c:641:14: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
{ strcpy(errmsg, "Calling permload in non-permanent command.\n");
data/evolver-2.70+ds/src/evaltree.c:838:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(show_expr[etype]->locals->list,ex_current.locals->list,ex_current.locals->count*
data/evolver-2.70+ds/src/evaltree.c:862:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(single_redefine[node->op1.letter].name,"redefined command '%c'",
data/evolver-2.70+ds/src/evaltree.c:911:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(stacktop-localcount+1),
data/evolver-2.70+ds/src/evaltree.c:937:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(stacktop-localcount+1),
data/evolver-2.70+ds/src/evaltree.c:951:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: no FINISH node after RETURN\n");
data/evolver-2.70+ds/src/evaltree.c:1183:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Only vertices and edges poppable.\n");
data/evolver-2.70+ds/src/evaltree.c:1539:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char **)stacktop)[nn] = g->value.string;
data/evolver-2.70+ds/src/evaltree.c:2025:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"%#*.*Qf",DWIDTH,DPREC,normal[0][i]/mag);
data/evolver-2.70+ds/src/evaltree.c:2027:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"%#*.*Lf",DWIDTH,DPREC,normal[0][i]/mag);
data/evolver-2.70+ds/src/evaltree.c:2029:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"%17.15g",normal[0][i]/mag);
data/evolver-2.70+ds/src/evaltree.c:2032:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg,"}\n");
data/evolver-2.70+ds/src/evaltree.c:2713:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Can only do constraint value for vertices.\n");
data/evolver-2.70+ds/src/evaltree.c:2993:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: Bad aggregate type %d.\n",
data/evolver-2.70+ds/src/evaltree.c:3660:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%10.5g - %10.5g %d\n",
data/evolver-2.70+ds/src/evaltree.c:3662:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"%10.5g - %10.5g %d\n",
data/evolver-2.70+ds/src/evaltree.c:3670:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%10.5g - %10.5g %d\n",
data/evolver-2.70+ds/src/evaltree.c:3678:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg," <= 0.0 %d\n",zeroes);
data/evolver-2.70+ds/src/evaltree.c:3683:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%10.5g - %10.5g %d\n",
data/evolver-2.70+ds/src/evaltree.c:3691:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"NaN %d\n",(int)bins[HISTBINS]);
data/evolver-2.70+ds/src/evaltree.c:3839:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Changing NONCONTENT not implemented for everything_quantities mode yet.\n");
data/evolver-2.70+ds/src/evaltree.c:3851:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Changing NONCONTENT not implemented for everything_quantities mode yet.\n");
data/evolver-2.70+ds/src/evaltree.c:3941:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Bad element type for constraint.\n");
data/evolver-2.70+ds/src/evaltree.c:3961:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Boundary %d is not valid.\n",k);
data/evolver-2.70+ds/src/evaltree.c:4007:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Bad element type for boundary.\n");
data/evolver-2.70+ds/src/evaltree.c:4053:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Bad element type for boundary.\n");
data/evolver-2.70+ds/src/evaltree.c:4095:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Trying to unset body of non-facet.\n");
data/evolver-2.70+ds/src/evaltree.c:4171:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Must unset body pressure before fixing target.\n");
data/evolver-2.70+ds/src/evaltree.c:4186:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Must unset body target before fixing pressure.\n");
data/evolver-2.70+ds/src/evaltree.c:4217:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Illegal constraint number: %d.\n",con);
data/evolver-2.70+ds/src/evaltree.c:4335:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Parameter number is %d; maximum is %d.\n",
data/evolver-2.70+ds/src/evaltree.c:4364:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error; SET node %d reached unexpectedly.\n",node->type);
data/evolver-2.70+ds/src/evaltree.c:4500:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evaltree.c:4676:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"constraint_normal: Constraint %d does not exist.\n",connum);
data/evolver-2.70+ds/src/evaltree.c:4681:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"constraint_normal: Constraint %d does not exist.\n",connum);
data/evolver-2.70+ds/src/evaltree.c:4823:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pspots[MAXARRAYDIMS],*qspots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/evaltree.c:4970:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evaltree.c:5008:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evaltree.c:5132:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evaltree.c:5176:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evaltree.c:5263:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pspots[MAXARRAYDIMS],*qspots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/evaltree.c:5385:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pspots[MAXARRAYDIMS],*qspots[MAXARRAYDIMS],*sspots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/evaltree.c:5532:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pspots[MAXARRAYDIMS],*qspots[MAXARRAYDIMS],*sspots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/evaltree.c:5554:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Array addition: Arrays have different sizes.\n");
data/evolver-2.70+ds/src/evaltree.c:5677:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pspots[MAXARRAYDIMS],*qspots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/evaltree.c:5812:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pspots[MAXARRAYDIMS],*qspots[MAXARRAYDIMS],*sspots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/evaltree.c:5910:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Mismatched sizes in matrix multiplication, %d vs %d\n",
data/evolver-2.70+ds/src/evaltree.c:5993:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pspots[MAXARRAYDIMS],*qspots[MAXARRAYDIMS],*sspots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/evaltree.c:6080:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Mismatched sizes in matrix multiplication, %d vs %d.\n",lastsize,
data/evolver-2.70+ds/src/evaltree.c:6088:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Mismatched sizes in matrix multiplication. \n");
data/evolver-2.70+ds/src/evaltree.c:6089:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg+strlen(errmsg),"Index %d of left side is %d, index %d of first factor is %d\n",
data/evolver-2.70+ds/src/evaltree.c:6098:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Mismatched sizes in matrix multiplication.\n");
data/evolver-2.70+ds/src/evaltree.c:6099:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg+strlen(errmsg),"Index %d of left side is %d, index %d of second factor is %d\n",
data/evolver-2.70+ds/src/evaltree.c:6231:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Division by zero.\n");
data/evolver-2.70+ds/src/evaltree.c:6337:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Command aborted due to user interrupt.\n");
data/evolver-2.70+ds/src/evaltree.c:6345:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Command aborted.\n");
data/evolver-2.70+ds/src/evaltree.c:6352:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Command aborted due to break_after_warning.\n");
data/evolver-2.70+ds/src/evaltree.c:6367:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Intermediate stack misalignment after node type %d.\n",
data/evolver-2.70+ds/src/evaltree.c:6408:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: Stack misalignment by %d in eval()\n",
data/evolver-2.70+ds/src/evaltree.c:6431:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Fixed: %d\n",web.fix_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6434:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Unfixed: %d\n",web.unfix_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6437:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Edges equiangulated: %d\n",web.equi_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6440:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Edges deleted: %d\n",web.edge_delete_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6443:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Facets deleted: %d\n",web.facet_delete_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6446:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Edges refined: %d\n",web.edge_refine_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6449:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Facets refined: %d\n",web.facet_refine_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6452:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Vertices dissolved: %d\n",web.vertex_dissolve_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6455:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, "Edges dissolved: %d\n",web.edge_dissolve_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6458:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Facets dissolved: %d\n",web.facet_dissolve_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6461:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Bodies dissolved: %d\n",web.body_dissolve_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6464:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, "Edges reversed: %d\n",web.edge_reverse_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6467:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg, "Facets reversed: %d\n",web.facet_reverse_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6470:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Vertices popped: %d\n",web.vertex_pop_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6473:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Edges popped: %d\n",web.edge_pop_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6476:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"pop_tri_to_edge count: %d\n",web.pop_tri_to_edge_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6479:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"pop_edge_to_tri count: %d\n",web.pop_edge_to_tri_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6482:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"pop_quad_to_quad count: %d\n",web.pop_quad_to_quad_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6485:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Edges swapped: %d\n",web.edgeswap_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6488:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"T1 swaps: %d\n",web.t1_edgeswap_count); outstring(msg); }
data/evolver-2.70+ds/src/evaltree.c:6650:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6758:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Facet has no edges.\n");
data/evolver-2.70+ds/src/evaltree.c:6797:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Facet has no edges.\n");
data/evolver-2.70+ds/src/evaltree.c:6832:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,
data/evolver-2.70+ds/src/evaltree.c:6840:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Facet %d does not have body of index %d.\n",
data/evolver-2.70+ds/src/exprint.c:101:33: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if ( !node || !node->root ) { strcpy(strstart,"{}"); return strstart;}
data/evolver-2.70+ds/src/exprint.c:332:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case NULLBLOCK_NODE: sprintf(pos,"{}");pos+=2; return;
data/evolver-2.70+ds/src/exprint.c:348:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(pos,"unset breakpoints");
data/evolver-2.70+ds/src/exprint.c:354:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"suppress_warning "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:359:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"unsuppress_warning "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:364:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"keylogfile "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:369:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"logfile "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:378:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"; "); pos += 2;
data/evolver-2.70+ds/src/exprint.c:402:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"display_text("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:410:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"delete_text("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:416:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"is_constraint["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:418:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"].fixed "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:422:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"is_constraint["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:424:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"].nonnegative "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:428:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"is_constraint["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:430:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"].nonpositive "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:436:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,";`");
data/evolver-2.70+ds/src/exprint.c:439:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(pos,", "); pos += 2;
data/evolver-2.70+ds/src/exprint.c:446:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos," function {"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:448:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos," } "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:456:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"wrap_vertex("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:464:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"new_vertex("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:470:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"facet_crosscut("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:476:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"new_edge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:484:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"new_facet("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:490:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"new_body"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:511:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"])"); pos+=2;
data/evolver-2.70+ds/src/exprint.c:515:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"valid_constraint(");
data/evolver-2.70+ds/src/exprint.c:522:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"valid_boundary(");
data/evolver-2.70+ds/src/exprint.c:548:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"vertex_merge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:556:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"edge_merge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:564:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"facet_merge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:572:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"{ "); pos+=2; bracket_depth++;
data/evolver-2.70+ds/src/exprint.c:580:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (pos,"local ");
data/evolver-2.70+ds/src/exprint.c:621:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,
data/evolver-2.70+ds/src/exprint.c:635:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,
data/evolver-2.70+ds/src/exprint.c:648:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos," function "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:676:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(pos,"[%d]",a->sizes[i]);
data/evolver-2.70+ds/src/exprint.c:695:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ case ASSIGN_OP: sprintf(pos," := "); break;
data/evolver-2.70+ds/src/exprint.c:696:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PLUSASSIGN_OP: sprintf(pos," += "); break;
data/evolver-2.70+ds/src/exprint.c:697:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SUBASSIGN_OP: sprintf(pos," -= "); break;
data/evolver-2.70+ds/src/exprint.c:698:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case MULTASSIGN_OP: sprintf(pos," *= "); break;
data/evolver-2.70+ds/src/exprint.c:699:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DIVASSIGN_OP: sprintf(pos," /= "); break;
data/evolver-2.70+ds/src/exprint.c:746:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ case ASSIGN_OP: sprintf(pos," := "); break;
data/evolver-2.70+ds/src/exprint.c:747:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PLUSASSIGN_OP: sprintf(pos," += "); break;
data/evolver-2.70+ds/src/exprint.c:748:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SUBASSIGN_OP: sprintf(pos," -= "); break;
data/evolver-2.70+ds/src/exprint.c:749:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case MULTASSIGN_OP: sprintf(pos," *= "); break;
data/evolver-2.70+ds/src/exprint.c:750:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DIVASSIGN_OP: sprintf(pos," /= "); break;
data/evolver-2.70+ds/src/exprint.c:776:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"print ");
data/evolver-2.70+ds/src/exprint.c:797:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,".constraint[");
data/evolver-2.70+ds/src/exprint.c:803:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"%d",connum);
data/evolver-2.70+ds/src/exprint.c:812:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"].normal");
data/evolver-2.70+ds/src/exprint.c:818:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," %c ",node->op1.intval);
data/evolver-2.70+ds/src/exprint.c:826:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"set constraint "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:828:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos," global "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:832:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"unset constraint "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:834:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos," global "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:850:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"reset_counts"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:854:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"flush_counts"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:858:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"print profiling"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:862:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"reset_profiling"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:866:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"pause"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:870:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"return "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:876:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"evolver_version"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:880:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"date_and_time"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:885:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"break %d",node->op2.breakdepth);
data/evolver-2.70+ds/src/exprint.c:886:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(pos,"break ");
data/evolver-2.70+ds/src/exprint.c:892:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"continue %d",node->op2.breakdepth);
data/evolver-2.70+ds/src/exprint.c:893:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(pos,"continue ");
data/evolver-2.70+ds/src/exprint.c:898:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"history "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:902:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"transform_expr "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:906:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"warning_messages "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:910:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"datafilename "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:923:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos,", "); pos += 2;
data/evolver-2.70+ds/src/exprint.c:934:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"sprintf ");
data/evolver-2.70+ds/src/exprint.c:942:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"printf ");
data/evolver-2.70+ds/src/exprint.c:949:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"errprintf ");
data/evolver-2.70+ds/src/exprint.c:956:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"binary_printf ");
data/evolver-2.70+ds/src/exprint.c:974:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"print "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:979:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"print %c ",node->op1.name_id);
data/evolver-2.70+ds/src/exprint.c:990:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"print ");
data/evolver-2.70+ds/src/exprint.c:996:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"print ");
data/evolver-2.70+ds/src/exprint.c:999:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,".vertexnormal");
data/evolver-2.70+ds/src/exprint.c:1004:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"print ");
data/evolver-2.70+ds/src/exprint.c:1028:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"else "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1043:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"if ( "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1045:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," ) then "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1052:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," do "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1058:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos," ;"); pos += strlen(pos); }
data/evolver-2.70+ds/src/exprint.c:1063:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"while ("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1065:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,") "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1073:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"do "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1079:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," while ("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1081:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,") "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1085:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"for ( "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1087:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," ) "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1092:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else { strcat(pos," ;") ; pos += strlen(pos); } /* empty command3 */
data/evolver-2.70+ds/src/exprint.c:1099:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," ; "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1105:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," ; "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1115:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos," >> "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1124:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos," >>> "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1133:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos," >>2 "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1142:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos," >>>2 "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1152:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos," | "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1166:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"%c ",node->op1.letter);
data/evolver-2.70+ds/src/exprint.c:1172:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"'%c' ",node->op1.letter);
data/evolver-2.70+ds/src/exprint.c:1173:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(pos,"%c ",node->op1.letter);
data/evolver-2.70+ds/src/exprint.c:1251:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"geompipe "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1256:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"postscript "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1261:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"binary_off_file "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1266:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"ooglfile "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1338:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"view_matrix["); pos += strlen("view_matrix[");
data/evolver-2.70+ds/src/exprint.c:1340:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"]["); pos += 2;
data/evolver-2.70+ds/src/exprint.c:1347:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," := "); pos += 4;
data/evolver-2.70+ds/src/exprint.c:1352:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"m "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1357:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"optimize "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1362:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"gap_constant := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1367:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"K "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1372:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"y "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1377:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"M "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1382:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"P "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1388:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ case ASSIGN_OP: sprintf(pos,"G "); break;
data/evolver-2.70+ds/src/exprint.c:1389:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PLUSASSIGN_OP: sprintf(pos,"gravity += "); break;
data/evolver-2.70+ds/src/exprint.c:1390:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SUBASSIGN_OP: sprintf(pos,"gravity -= "); break;
data/evolver-2.70+ds/src/exprint.c:1391:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case MULTASSIGN_OP: sprintf(pos,"gravity *= "); break;
data/evolver-2.70+ds/src/exprint.c:1392:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DIVASSIGN_OP: sprintf(pos,"gravity /= "); break;
data/evolver-2.70+ds/src/exprint.c:1399:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"diffusion := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1404:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"thicken := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1409:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"autochop := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1414:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"p "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1419:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"zoom "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1427:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"chdir ");
data/evolver-2.70+ds/src/exprint.c:1433:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"system ");
data/evolver-2.70+ds/src/exprint.c:1439:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"exec ");
data/evolver-2.70+ds/src/exprint.c:1445:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"read ");
data/evolver-2.70+ds/src/exprint.c:1451:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"load ");
data/evolver-2.70+ds/src/exprint.c:1457:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"permload ");
data/evolver-2.70+ds/src/exprint.c:1463:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"addload ");
data/evolver-2.70+ds/src/exprint.c:1469:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"replace_load ");
data/evolver-2.70+ds/src/exprint.c:1475:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"show_trans ");
data/evolver-2.70+ds/src/exprint.c:1481:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"transform_expr ");
data/evolver-2.70+ds/src/exprint.c:1487:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"geomview ");
data/evolver-2.70+ds/src/exprint.c:1501:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"view_transform_parity["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1507:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"view_transform_swap_colors["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1513:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"view_transforms["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1515:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"]["); pos += 2;
data/evolver-2.70+ds/src/exprint.c:1521:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"]["); pos += 2;
data/evolver-2.70+ds/src/exprint.c:1527:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"is_defined(");
data/evolver-2.70+ds/src/exprint.c:1534:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"dump ");
data/evolver-2.70+ds/src/exprint.c:1541:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"colormap := ");
data/evolver-2.70+ds/src/exprint.c:1546:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SHOW_VOL_NODE: sprintf(pos,"show_vol "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1547:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case CHECK_NODE:sprintf(pos,"check "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1548:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case LONG_JIGGLE_NODE: sprintf(pos,"long_jiggle "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1549:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case RAW_VERAVG_NODE:sprintf(pos,"rawv "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1550:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case STABILITY_TEST_NODE:sprintf(pos,"stability_test "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1551:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case UTEST_NODE: sprintf(pos,"utest "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1552:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GO_NODE: sprintf(pos,"g "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1553:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SHELL_NODE: sprintf(pos,"shell "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1554:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ALICE_NODE: sprintf(pos,"alice "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1555:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case RECALC_NODE: sprintf(pos,"recalc "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1556:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case COUNTS_NODE: sprintf(pos,"counts "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1557:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case RAWEST_VERAVG_NODE:sprintf(pos,"rawestv "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1558:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case EXTRAPOLATE_NODE:sprintf(pos,"extrapolate "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1559:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case LINEAR_NODE: sprintf(pos,"linear "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1560:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case QUADRATIC_NODE:sprintf(pos,"quadratic "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1561:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case REBODY_NODE:sprintf(pos,"rebody "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1562:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case HESSIAN_NODE: sprintf(pos,"hessian "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1563:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SHOWQ_NODE: sprintf(pos,"simplex_to_fe"); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1564:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case CLOSE_SHOW_NODE: sprintf(pos,"showq "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1565:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case HESSIAN_MENU_NODE:sprintf(pos,"hessian_menu "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1566:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DIRICHLET_NODE: sprintf(pos,"dirichlet "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1567:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SOBOLEV_NODE: sprintf(pos,"sobolev "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1568:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case REORDER_STORAGE_NODE:sprintf(pos,"reorder_storage "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1569:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DIRICHLET_SEEK_NODE: sprintf(pos,"dirichlet_seek "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1570:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SOBOLEV_SEEK_NODE: sprintf(pos,"sobolev_seek "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1571:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case CONVERT_TO_QUANTS_NODE:sprintf(pos,"convert_to_quantities "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1572:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case RENUMBER_ALL_NODE: sprintf(pos,"renumber_all "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1573:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DUMP_MEMLIST_NODE: sprintf(pos,"dump_memlist "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1574:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case FREE_DISCARDS_NODE:sprintf(pos,"free_discards "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1575:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case REPARTITION_NODE: sprintf(pos,"repartition "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1576:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SUBCOMMAND_NODE: sprintf(pos,"subcommand "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1577:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ABORT_NODE: sprintf(pos,"abort "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1578:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DETORUS_NODE:sprintf(pos,"detorus "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1579:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case MAKE_THREAD_LISTS_NODE:sprintf(pos,"make_thread_lists "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1580:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SIMPLEX_TO_FE_NODE: sprintf(pos,"simplex_to_fe"); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1583:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"burchard %d ",node->op1.maxsteps);
data/evolver-2.70+ds/src/exprint.c:1589:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"show_expr "); /* prevent extraneous shows from dump */
data/evolver-2.70+ds/src/exprint.c:1590:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(pos,"show_expr ");
data/evolver-2.70+ds/src/exprint.c:1599:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"%c :::= ",nnode->op1.letter);
data/evolver-2.70+ds/src/exprint.c:1671:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos,")\n"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1674:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else { strcat(pos,");\n"); pos += strlen(pos); }
data/evolver-2.70+ds/src/exprint.c:1705:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(pos,")\n"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1708:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else { strcat(pos,");\n"); pos += strlen(pos); }
data/evolver-2.70+ds/src/exprint.c:1723:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ case ASSIGN_OP: sprintf(pos," := "); break;
data/evolver-2.70+ds/src/exprint.c:1724:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PLUSASSIGN_OP: sprintf(pos," += "); break;
data/evolver-2.70+ds/src/exprint.c:1725:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SUBASSIGN_OP: sprintf(pos," -= "); break;
data/evolver-2.70+ds/src/exprint.c:1726:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case MULTASSIGN_OP: sprintf(pos," *= "); break;
data/evolver-2.70+ds/src/exprint.c:1727:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DIVASSIGN_OP: sprintf(pos," /= "); break;
data/evolver-2.70+ds/src/exprint.c:1737:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ case ASSIGN_OP: sprintf(pos," := "); break;
data/evolver-2.70+ds/src/exprint.c:1738:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PLUSASSIGN_OP: sprintf(pos," += "); break;
data/evolver-2.70+ds/src/exprint.c:1739:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SUBASSIGN_OP: sprintf(pos," -= "); break;
data/evolver-2.70+ds/src/exprint.c:1740:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case MULTASSIGN_OP: sprintf(pos," *= "); break;
data/evolver-2.70+ds/src/exprint.c:1741:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case DIVASSIGN_OP: sprintf(pos," /= "); break;
data/evolver-2.70+ds/src/exprint.c:1827:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"sizeof(");
data/evolver-2.70+ds/src/exprint.c:1835:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"lagrange "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1840:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"lanczos "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1852:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"eigenprobe "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1864:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"ritz("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1872:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"torus_periods"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1875:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"]["); pos+=2;
data/evolver-2.70+ds/src/exprint.c:1881:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"inverse_periods"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1884:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"]["); pos+=2;
data/evolver-2.70+ds/src/exprint.c:1890:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"saddle "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1896:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"hessian_seek "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1902:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"move "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1907:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"areaweed "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1912:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"edgeweed "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1917:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"metis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1922:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"metis_readjust "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1927:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"kmetis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1932:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"body-metis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1937:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"notch "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1942:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"edge_divide "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1947:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"ometis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1953:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"j "); pos += 2;
data/evolver-2.70+ds/src/exprint.c:1958:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"exit "); pos += 5;
data/evolver-2.70+ds/src/exprint.c:1963:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"list procedures "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1967:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"list attributes "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1989:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(pos,"list constraint ");
data/evolver-2.70+ds/src/exprint.c:2004:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(pos,"list boundary ");
data/evolver-2.70+ds/src/exprint.c:2012:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"list topinfo "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2016:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"list bottominfo "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2024:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"list ");
data/evolver-2.70+ds/src/exprint.c:2030:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"delete ");
data/evolver-2.70+ds/src/exprint.c:2036:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"refine ");
data/evolver-2.70+ds/src/exprint.c:2042:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"dissolve ");
data/evolver-2.70+ds/src/exprint.c:2048:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"pop ");
data/evolver-2.70+ds/src/exprint.c:2054:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"fix ");
data/evolver-2.70+ds/src/exprint.c:2060:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"unfix ");
data/evolver-2.70+ds/src/exprint.c:2066:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"edgeswap ");
data/evolver-2.70+ds/src/exprint.c:2072:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"vertex_average ");
data/evolver-2.70+ds/src/exprint.c:2078:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"raw_vertex_average ");
data/evolver-2.70+ds/src/exprint.c:2084:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"rawest_vertex_average ");
data/evolver-2.70+ds/src/exprint.c:2090:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"equiangulate ");
data/evolver-2.70+ds/src/exprint.c:2096:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"pop_edge_to_tri ");
data/evolver-2.70+ds/src/exprint.c:2102:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"pop_tri_to_edge ");
data/evolver-2.70+ds/src/exprint.c:2108:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"pop_quad_to_quad ");
data/evolver-2.70+ds/src/exprint.c:2114:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"t1_edgeswap ");
data/evolver-2.70+ds/src/exprint.c:2120:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"reverse_orientation ");
data/evolver-2.70+ds/src/exprint.c:2126:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"whereami ");
data/evolver-2.70+ds/src/exprint.c:2145:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"vertexnormal"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2157:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case VERTEX: strcat(pos,"vertex["); break;
data/evolver-2.70+ds/src/exprint.c:2158:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case EDGE: strcat(pos,"edge["); break;
data/evolver-2.70+ds/src/exprint.c:2159:24: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case FACET: strcat(pos,"facet["); break;
data/evolver-2.70+ds/src/exprint.c:2160:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case BODY: strcat(pos,"body["); break;
data/evolver-2.70+ds/src/exprint.c:2161:28: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case FACETEDGE: strcat(pos,"facetedge["); break;
data/evolver-2.70+ds/src/exprint.c:2178:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"self"); pos+=4; break;
data/evolver-2.70+ds/src/exprint.c:2258:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char temp[100];
data/evolver-2.70+ds/src/exprint.c:2269:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char temp[100];
data/evolver-2.70+ds/src/exprint.c:2294:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"set ");
data/evolver-2.70+ds/src/exprint.c:2303:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," where "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2310:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"foreach ");
data/evolver-2.70+ds/src/exprint.c:2313:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," do ");
data/evolver-2.70+ds/src/exprint.c:2322:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"max(");
data/evolver-2.70+ds/src/exprint.c:2331:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"min(");
data/evolver-2.70+ds/src/exprint.c:2340:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"sum(");
data/evolver-2.70+ds/src/exprint.c:2349:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"avg(");
data/evolver-2.70+ds/src/exprint.c:2358:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"count(");
data/evolver-2.70+ds/src/exprint.c:2367:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"histogram(");
data/evolver-2.70+ds/src/exprint.c:2376:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"loghistogram(");
data/evolver-2.70+ds/src/exprint.c:2386:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," where "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2406:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"facetedges "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2410:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"vertices "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2415:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,".vertices ");
data/evolver-2.70+ds/src/exprint.c:2420:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"edges "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2425:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,".edges ");
data/evolver-2.70+ds/src/exprint.c:2430:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"facets "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2435:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,".facets ");
data/evolver-2.70+ds/src/exprint.c:2440:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"bodies "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2445:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,".bodies ");
data/evolver-2.70+ds/src/exprint.c:2461:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"%1.*Qg",DPREC,node->op1.real);
data/evolver-2.70+ds/src/exprint.c:2463:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"%1.*Lg",DPREC,node->op1.real);
data/evolver-2.70+ds/src/exprint.c:2465:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"%1.15g",node->op1.real);
data/evolver-2.70+ds/src/exprint.c:2471:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"pi");
data/evolver-2.70+ds/src/exprint.c:2491:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%c",'x'+node->op2.coordnum);
data/evolver-2.70+ds/src/exprint.c:2493:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%c%d",vch,node->op2.coordnum+1);
data/evolver-2.70+ds/src/exprint.c:2498:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"p%d",node->op2.coordnum+1);
data/evolver-2.70+ds/src/exprint.c:2504:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%c",'x'+node->op1.coordnum);
data/evolver-2.70+ds/src/exprint.c:2506:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%c%d",vch,node->op1.coordnum+1);
data/evolver-2.70+ds/src/exprint.c:2653:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"usr%d",node->op1.userfunc+1);
data/evolver-2.70+ds/src/exprint.c:2738:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"^(-1)");
data/evolver-2.70+ds/src/exprint.c:2744:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"^%1d",node->op1.intpow);
data/evolver-2.70+ds/src/exprint.c:2753:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"maximum(");
data/evolver-2.70+ds/src/exprint.c:2762:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"minimum(");
data/evolver-2.70+ds/src/exprint.c:2771:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"incompleteEllipticF(");
data/evolver-2.70+ds/src/exprint.c:2780:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"incompleteEllipticE(");
data/evolver-2.70+ds/src/exprint.c:2789:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"atan2(");
data/evolver-2.70+ds/src/exprint.c:2798:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"wrap_compose(");
data/evolver-2.70+ds/src/exprint.c:2807:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"wrap_inverse(");
data/evolver-2.70+ds/src/exprint.c:2818:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,")^2");
data/evolver-2.70+ds/src/exprint.c:2823:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"sqrt(");
data/evolver-2.70+ds/src/exprint.c:2831:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"floor(");
data/evolver-2.70+ds/src/exprint.c:2839:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"ceil(");
data/evolver-2.70+ds/src/exprint.c:2847:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"abs(");
data/evolver-2.70+ds/src/exprint.c:2855:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"sinh(");
data/evolver-2.70+ds/src/exprint.c:2863:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"cosh(");
data/evolver-2.70+ds/src/exprint.c:2871:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"tanh(");
data/evolver-2.70+ds/src/exprint.c:2879:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"acosh(");
data/evolver-2.70+ds/src/exprint.c:2887:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"asinh(");
data/evolver-2.70+ds/src/exprint.c:2895:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"atanh(");
data/evolver-2.70+ds/src/exprint.c:2903:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"sin(");
data/evolver-2.70+ds/src/exprint.c:2911:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"cos(");
data/evolver-2.70+ds/src/exprint.c:2919:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"tan(");
data/evolver-2.70+ds/src/exprint.c:2927:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"exp(");
data/evolver-2.70+ds/src/exprint.c:2935:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"log(");
data/evolver-2.70+ds/src/exprint.c:2943:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"asin(");
data/evolver-2.70+ds/src/exprint.c:2951:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"acos(");
data/evolver-2.70+ds/src/exprint.c:2959:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"atan(");
data/evolver-2.70+ds/src/exprint.c:2967:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"ellipticK(");
data/evolver-2.70+ds/src/exprint.c:2975:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"ellipticE(");
data/evolver-2.70+ds/src/exprint.c:2983:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," -");
data/evolver-2.70+ds/src/exprint.c:2989:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," not ");
data/evolver-2.70+ds/src/exprint.c:2995:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"view_matrix[");
data/evolver-2.70+ds/src/exprint.c:2998:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"]["); pos += 2;
data/evolver-2.70+ds/src/exprint.c:3052:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos," value");
data/evolver-2.70+ds/src/exprint.c:3268:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos,"set "); pos += 4;
data/evolver-2.70+ds/src/exprint.c:3365:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: bad SET_ATTRIBUTE type %d.\n",
data/evolver-2.70+ds/src/exprint.c:3372:32: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ case ASSIGN_OP: strcat(pos," := "); break;
data/evolver-2.70+ds/src/exprint.c:3373:36: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case PLUSASSIGN_OP: strcat(pos," += "); break;
data/evolver-2.70+ds/src/exprint.c:3374:35: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case SUBASSIGN_OP: strcat(pos," -= "); break;
data/evolver-2.70+ds/src/exprint.c:3375:36: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case MULTASSIGN_OP: strcat(pos," *= "); break;
data/evolver-2.70+ds/src/exprint.c:3376:35: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case DIVASSIGN_OP: strcat(pos," /= "); break;
data/evolver-2.70+ds/src/exprint.c:3379:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos," ("); pos += 2; // kludge for "-" after []
data/evolver-2.70+ds/src/exprint.c:3385:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pos," ("); pos += 2;
data/evolver-2.70+ds/src/exprint.c:3426:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos,"(unknown)");
data/evolver-2.70+ds/src/exprint.c:3492:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos," where "); pos += strlen(pos);
data/evolver-2.70+ds/src/extern.h:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char loadfilename[PATHSIZE]; /* for LOAD command */
data/evolver-2.70+ds/src/extern.h:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char kb_upper_array[256];
data/evolver-2.70+ds/src/extern.h:89:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char kb_lower_array[256];
data/evolver-2.70+ds/src/extern.h:230:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
struct macro { char name[MACRONAMESIZE];
data/evolver-2.70+ds/src/extern.h:250:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char needed_version[30];
data/evolver-2.70+ds/src/extern.h:255:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *typenames[NUMELEMENTS];
data/evolver-2.70+ds/src/extern.h:348:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char logfilename[PATHSIZE];
data/evolver-2.70+ds/src/extern.h:351:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char keylogfilename[PATHSIZE];
data/evolver-2.70+ds/src/extern.h:420:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char pix_file_name[150]; /* for P 2 */
data/evolver-2.70+ds/src/extern.h:428:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char ps_file_name[1000]; /* ps output file */
data/evolver-2.70+ds/src/extern.h:498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char name[GLOBAL_NAME_SIZE + 1]; /* 63 significant characters */
data/evolver-2.70+ds/src/extern.h:521:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char argtypes[ARGTYPENUM]; /* indices into type table */
data/evolver-2.70+ds/src/extern.h:635:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char volume_method_name[100]; /* for replacing default */
data/evolver-2.70+ds/src/extern.h:636:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char area_method_name[100]; /* for replacing default */
data/evolver-2.70+ds/src/extern.h:637:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char length_method_name[100]; /* for replacing default */
data/evolver-2.70+ds/src/extern.h:713:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char datafilename[PATHSIZE]; /* current datafile name */
data/evolver-2.70+ds/src/extern.h:716:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char filename[PATHSIZE]; /* file name in command */
data/evolver-2.70+ds/src/extern.h:721:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATHSIZE]; /* command file name */
data/evolver-2.70+ds/src/extern.h:869:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[28];
data/evolver-2.70+ds/src/extern.h:887:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char idname[35]; /* for saving yytext */
data/evolver-2.70+ds/src/extern.h:888:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char set_extra_name[100]; /* for saving name */
data/evolver-2.70+ds/src/extern.h:902:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char fulltext[MAXCMDSIZE+5]; /* for full text of commands */
data/evolver-2.70+ds/src/extern.h:908:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char last_name[50]; /* name of last element generator */
data/evolver-2.70+ds/src/extern.h:914:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[SYMNAMESIZE+1];
data/evolver-2.70+ds/src/extern.h:941:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
struct extra { char name[ATTR_NAME_SIZE+1];
data/evolver-2.70+ds/src/extern.h:999:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *datatype_name[NUMDATATYPES];
data/evolver-2.70+ds/src/extern.h:1072:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char console_title[1000]; /* for command window title */
data/evolver-2.70+ds/src/extern.h:1074:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char graphics_title[1000]; /* for graphics window title */
data/evolver-2.70+ds/src/extern.h:1075:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char graphics_title2[1000]; /* for graphics window title */
data/evolver-2.70+ds/src/extern.h:1076:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char graphics_title3[1000]; /* for graphics window title */
data/evolver-2.70+ds/src/extern.h:1083:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char errmsg[ERRMSGSIZE]; /* for error() routine */
data/evolver-2.70+ds/src/extern.h:1401:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char cmapname[100]; /* colormap file name */
data/evolver-2.70+ds/src/extern.h:1443:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char phase_file_name[PATHSIZE]; /* for dump */
data/evolver-2.70+ds/src/extern.h:2035:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char transform_expr[100]; /* save it */
data/evolver-2.70+ds/src/filgraph.c:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[200];
data/evolver-2.70+ds/src/filgraph.c:40:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name,"w");
data/evolver-2.70+ds/src/filgraph.c:200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[200];
data/evolver-2.70+ds/src/filgraph.c:209:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name,"w");
data/evolver-2.70+ds/src/filgraph.c:518:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char file_name[200];
data/evolver-2.70+ds/src/filgraph.c:524:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name,"wb");
data/evolver-2.70+ds/src/filgraph.c:533:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(binary_off_filename,"wb");
data/evolver-2.70+ds/src/fixvol.c:670:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/fixvol.c:674:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Perhaps constraint is not applied to any elements?\n");
data/evolver-2.70+ds/src/fixvol.c:811:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Constraint adjustment matrix singular. \nMore constraints than degrees of freedom?\nConstraints with no elements?");
data/evolver-2.70+ds/src/fixvol.c:1649:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy((char*)vgev[bi],(char*)vgef[bi],NV*sizeof(REAL));
data/evolver-2.70+ds/src/geomgraph.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gv_version[100]; /* geomview version string */
data/evolver-2.70+ds/src/geomgraph.c:30:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pipename[100]; /* for named pipe to geomview */
data/evolver-2.70+ds/src/geomgraph.c:31:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char geom_name[100]; /* for geomview name of object */
data/evolver-2.70+ds/src/geomgraph.c:82:5: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
mkstemp(pipename); /* actually creates file */
data/evolver-2.70+ds/src/geomgraph.c:159:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pfd = fopen(pipename,"w");
data/evolver-2.70+ds/src/glutgraph.c:77:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *gl_errors[6] = {
data/evolver-2.70+ds/src/glutgraph.c:130:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wintitle[WINTITLESIZE];
data/evolver-2.70+ds/src/glutgraph.c:226:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char opengl_version[20]; /* from glGetString */
data/evolver-2.70+ds/src/glutgraph.c:292:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Total, KB: %d Largest, KB: %d\n",v[0],v[1]);
data/evolver-2.70+ds/src/glutgraph.c:296:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Total, KB: %d Largest, KB: %d\n",v[0],v[1]);
data/evolver-2.70+ds/src/glutgraph.c:302:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"NVIDIA GPU video total memory, KB: %d\n",v[1]);
data/evolver-2.70+ds/src/glutgraph.c:305:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"NVIDIA GPU total memory, KB: %d\n",v[1]);
data/evolver-2.70+ds/src/glutgraph.c:308:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"NVIDIA GPU total videao memory, KB: %d\n",v[1]);
data/evolver-2.70+ds/src/glutgraph.c:488:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Trying to allocate %d edge structures of size %d\n.",
data/evolver-2.70+ds/src/glutgraph.c:547:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Trying to allocate %d facet structures of size %d\n.",
data/evolver-2.70+ds/src/glutgraph.c:801:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(td->wintitle," %1.*s (task %d from task %d) ",
data/evolver-2.70+ds/src/glutgraph.c:805:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(td->wintitle," %1.*s (task %d from task %d) - Camera %d",
data/evolver-2.70+ds/src/glutgraph.c:811:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(td->wintitle,"%1.*s (task %d) ",WINTITLESIZE-20,
data/evolver-2.70+ds/src/glutgraph.c:813:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(td->wintitle," %1.*s (task %d) - Camera %d",
data/evolver-2.70+ds/src/glutgraph.c:818:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(td->wintitle," %1.*s",WINTITLESIZE-10,datafilename+titlespot);
data/evolver-2.70+ds/src/glutgraph.c:819:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(td->wintitle," %1.*s - Camera %d",WINTITLESIZE-20,
data/evolver-2.70+ds/src/glutgraph.c:912:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked vertex %d@%d\n",pickvnum,id_task(v_id));
data/evolver-2.70+ds/src/glutgraph.c:914:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked vertex %d\n",pickvnum);
data/evolver-2.70+ds/src/glutgraph.c:953:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked vertex %d@%d\n",pickvnum,id_task(v_id));
data/evolver-2.70+ds/src/glutgraph.c:955:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked vertex %d\n",pickvnum);
data/evolver-2.70+ds/src/glutgraph.c:962:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked edge %d@%d\n",pickenum,id_task(e_id));
data/evolver-2.70+ds/src/glutgraph.c:964:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked edge %d\n",pickenum);
data/evolver-2.70+ds/src/glutgraph.c:975:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked facet %d@%d\n",pickfnum,id_task(f_id));
data/evolver-2.70+ds/src/glutgraph.c:977:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked facet %d\n",pickfnum);
data/evolver-2.70+ds/src/glutgraph.c:1575:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"\nEdge front bias now %f\n", (DOUBLE)(td->edge_bias));
data/evolver-2.70+ds/src/glutgraph.c:1582:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"\nEdge front bias now %f\n",(DOUBLE)(td->edge_bias));
data/evolver-2.70+ds/src/glutgraph.c:1704:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"\n\nSet Focus: pickvnum %d is invalid.\n\n",pickvnum);
data/evolver-2.70+ds/src/glutgraph.c:2003:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char number[10];
data/evolver-2.70+ds/src/glutgraph.c:2004:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(number," %4d ",task);
data/evolver-2.70+ds/src/glutgraph.c:2088:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wintitle[WINTITLESIZE];
data/evolver-2.70+ds/src/glutgraph.c:2132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char title[1000];
data/evolver-2.70+ds/src/glutgraph.c:2211:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(wintitle," %1.*s - Camera %d",WINTITLESIZE-30,
data/evolver-2.70+ds/src/glutgraph.c:2213:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(wintitle," %1.*s - Camera %d",WINTITLESIZE-30,
data/evolver-2.70+ds/src/glutgraph.c:2216:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(wintitle+strlen(wintitle)," (task %d)",this_task);
data/evolver-2.70+ds/src/glutgraph.c:2326:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Set affinity of graphics thread to cpu %d.\n",want_cpu);
data/evolver-2.70+ds/src/glutgraph.c:2330:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Cannot set affinity of graphics thread to cpu %d; process affinity mask is %X.\n",
data/evolver-2.70+ds/src/glutgraph.c:3110:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"After indexing: %d unique vertices, %d unique edges\n",
data/evolver-2.70+ds/src/glutgraph.c:3682:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bestverts,td->stripdata+td->striparray[stripnum].start,bestlength*sizeof(int));
data/evolver-2.70+ds/src/glutgraph.c:3683:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bestfacets,trialstrip,(bestlength-2)*sizeof(int));
data/evolver-2.70+ds/src/glutgraph.c:3689:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td->stripdata+td->striparray[stripnum].start,bestverts,bestlength*sizeof(int));
data/evolver-2.70+ds/src/glutgraph.c:3715:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"After stripping: %d edgestrips, %d facetstrips\n",
data/evolver-2.70+ds/src/glutgraph.c:3947:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"\n%d edges, %d facets\n",td->edgecount/2,td->facetcount/3);
data/evolver-2.70+ds/src/glutgraph.c:3976:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(td->fullarray+td->edgecount),(char*)td->facetarray,
data/evolver-2.70+ds/src/grapher.c:90:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100]; /* for reading user commands */
data/evolver-2.70+ds/src/grapher.c:155:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/grapher.c:185:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/grapher.c:229:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Illegal character in graphics command: %c",string[legal]);
data/evolver-2.70+ds/src/grapher.c:242:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
reps = atoi(c);
data/evolver-2.70+ds/src/grapher.c:344:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Unrecognized character: %c\n",*c);
data/evolver-2.70+ds/src/grapher.c:345:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"Unrecognized character: 0x%04X\n",*c);
data/evolver-2.70+ds/src/grapher.c:373:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Unrecognized character: %c\n",*c);
data/evolver-2.70+ds/src/grapher.c:374:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"Unrecognized character: 0x%04X \n",*c);
data/evolver-2.70+ds/src/grapher.c:479:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"fillcolor %d\n",fillcolor);
data/evolver-2.70+ds/src/grapher.c:485:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"fillcolor %d\n",fillcolor);
data/evolver-2.70+ds/src/grapher.c:499:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Unrecognized letter: %c\n",*c);
data/evolver-2.70+ds/src/grapher.c:500:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"Unrecognized character: 0x%04x \n",*c);
data/evolver-2.70+ds/src/grapher.c:791:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"View transform matrix %d is singular.\n",j+1);
data/evolver-2.70+ds/src/graphgen.c:305:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/graphgen.c:557:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)qdata,(char*)gdata,3*sizeof(struct graphdata));
data/evolver-2.70+ds/src/graphgen.c:631:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)qdata,(char*)gdata,3*sizeof(struct graphdata));
data/evolver-2.70+ds/src/graphgen.c:2047:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Triangle spans too many periods. Wraps %d %d %d\n",
data/evolver-2.70+ds/src/graphgen.c:2681:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)qdata,(char*)gdata,3*sizeof(struct graphdata));
data/evolver-2.70+ds/src/graphgen.c:2736:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)qdata,(char*)gdata,3*sizeof(struct graphdata));
data/evolver-2.70+ds/src/graphgen.c:2780:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp_free((char *)xxwrap[0]);
data/evolver-2.70+ds/src/help.c:83:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%-38.38s ",help_strings[i]);
data/evolver-2.70+ds/src/help.c:86:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%-38.38s\n",help_strings[j]);
data/evolver-2.70+ds/src/help.c:171:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buff[30000]; /* text buffer */
data/evolver-2.70+ds/src/help.c:274:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff," ");
data/evolver-2.70+ds/src/help.c:276:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff,"> ");
data/evolver-2.70+ds/src/help.c:279:45: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if (kb_stricmp(spot,"dd") == 0 ) {strcat(buff,": ");}
data/evolver-2.70+ds/src/help.c:309:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static struct relinfo { char filename[20];
data/evolver-2.70+ds/src/help.c:310:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[40]; } info[RELMAX];
data/evolver-2.70+ds/src/help.c:312:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[100] = "name=\"";
data/evolver-2.70+ds/src/help.c:322:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char helpfilename[PATHSIZE];
data/evolver-2.70+ds/src/help.c:324:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1000];
data/evolver-2.70+ds/src/help.c:420:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1000];
data/evolver-2.70+ds/src/help.c:421:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line_lowercase[1000]; // for case-insensitive matching
data/evolver-2.70+ds/src/help.c:422:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword_lowercase[100];
data/evolver-2.70+ds/src/help.c:647:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"[%d]",a->sizes[i]);
data/evolver-2.70+ds/src/help.c:751:40: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if ( ex->array_spec.dim == 0 ) strcat(msg,"scalar");
data/evolver-2.70+ds/src/help.c:752:14: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(msg," dimension ");
data/evolver-2.70+ds/src/help.c:754:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[k]);
data/evolver-2.70+ds/src/help.c:755:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg,"\n\n");
data/evolver-2.70+ds/src/help.c:807:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[200];
data/evolver-2.70+ds/src/help.c:808:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int errnum = atoi(keyword);
data/evolver-2.70+ds/src/help.c:818:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ( (strncmp(line,"Error ",6) == 0) && (atoi(line+6) == errnum) )
data/evolver-2.70+ds/src/hessian.c:283:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Hessian entries: %d Final hashtable size: %d next hash_per_row: %d.\n",hashcount, table_size,hash_per_row);
data/evolver-2.70+ds/src/hessian.c:285:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Hash extra probes: %d\n",hash_extraprobes);
data/evolver-2.70+ds/src/hessian.c:511:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"stepsize 0 energy0 %18.15g\n",(DOUBLE)energy0);
data/evolver-2.70+ds/src/hessian.c:523:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"stepsize %g energy1 %18.15g\n",(DOUBLE)stepsize,
data/evolver-2.70+ds/src/hessian.c:533:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"stepsize %g energy2 %18.15g\n",(DOUBLE)stepsize,
data/evolver-2.70+ds/src/hessian.c:560:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"stepsize %g energy1 %18.15g\n",(DOUBLE)(dirflag*stepsize),
data/evolver-2.70+ds/src/hessian.c:575:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"stepsize %g energy2 %18.15g\n",
data/evolver-2.70+ds/src/hessian.c:600:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"stepsize %g energy1 %18.15g\n",
data/evolver-2.70+ds/src/hessian.c:631:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"square gradient: %3.*Qg\n",DPREC,energy1);
data/evolver-2.70+ds/src/hessian.c:633:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"square gradient: %3.*Lg\n",DPREC,energy1);
data/evolver-2.70+ds/src/hessian.c:635:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"square gradient: %3.15g\n",energy1);
data/evolver-2.70+ds/src/hessian.c:678:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Qg. Not a saddle point.\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:680:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Lg. Not a saddle point.\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:682:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.15g. Not a saddle point.\n",low);
data/evolver-2.70+ds/src/hessian.c:688:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Qg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:690:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Lg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:692:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.15g\n",low);
data/evolver-2.70+ds/src/hessian.c:696:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"stepsize %g\n",(DOUBLE)stepsize);
data/evolver-2.70+ds/src/hessian.c:699:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %17.*Qg \n", DPREC,web.total_energy);
data/evolver-2.70+ds/src/hessian.c:701:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %17.*Lg \n", DPREC,web.total_energy);
data/evolver-2.70+ds/src/hessian.c:768:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char response[30];
data/evolver-2.70+ds/src/hessian.c:824:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"RHS norm: %20.*Qg\n",DPREC, rhs_norm);
data/evolver-2.70+ds/src/hessian.c:826:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"RHS norm: %20.*Lg\n",DPREC, rhs_norm);
data/evolver-2.70+ds/src/hessian.c:828:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"RHS norm: %20.15g\n", rhs_norm);
data/evolver-2.70+ds/src/hessian.c:860:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %*.*Qg \n",DWIDTH,DPREC,web.total_energy);
data/evolver-2.70+ds/src/hessian.c:862:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %*.*Lg \n",DWIDTH,DPREC,web.total_energy);
data/evolver-2.70+ds/src/hessian.c:918:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ritzdim = atoi(response);
data/evolver-2.70+ds/src/hessian.c:935:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Eigenvector number (1 to %d): ",ritzdim);
data/evolver-2.70+ds/src/hessian.c:952:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ritznum = atoi(spot);
data/evolver-2.70+ds/src/hessian.c:965:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ ritznum = atoi(response);
data/evolver-2.70+ds/src/hessian.c:986:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %*.*Qf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian.c:988:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %*.*Lf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian.c:990:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %20.15f\n",i+1,evalues[i]);
data/evolver-2.70+ds/src/hessian.c:1009:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %*.*Qf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian.c:1011:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %*.*Lf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian.c:1013:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %20.15f\n",i+1,evalues[i]);
data/evolver-2.70+ds/src/hessian.c:1053:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Qg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:1055:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Lg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:1057:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.15g\n",low);
data/evolver-2.70+ds/src/hessian.c:1069:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Qg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:1071:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Lg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:1073:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.15g\n",low);
data/evolver-2.70+ds/src/hessian.c:1085:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Qg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:1087:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.*Lg\n",DPREC,low);
data/evolver-2.70+ds/src/hessian.c:1089:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Lowest eigenvalue %2.15g\n",low);
data/evolver-2.70+ds/src/hessian.c:1099:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"stepsize %g\n",(DOUBLE)stepsize);
data/evolver-2.70+ds/src/hessian.c:1102:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %*.*Qg \n",DWIDTH,DPREC,web.total_energy);
data/evolver-2.70+ds/src/hessian.c:1104:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"1. energy: %*.*Lg \n",DWIDTH,DPREC,web.total_energy);
data/evolver-2.70+ds/src/hessian.c:1169:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hname[200],mname[200];
data/evolver-2.70+ds/src/hessian.c:1185:20: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(hname,"_H.dat");
data/evolver-2.70+ds/src/hessian.c:1186:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:1202:22: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(mname,"_M.dat");
data/evolver-2.70+ds/src/hessian.c:1203:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(mname,"w");
data/evolver-2.70+ds/src/hessian.c:1217:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
{ strcpy(hname+baselength,"_rhs.dat");
data/evolver-2.70+ds/src/hessian.c:1220:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:1239:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hname+baselength,"_L.dat");
data/evolver-2.70+ds/src/hessian.c:1244:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:1256:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hname+baselength,"_D.dat");
data/evolver-2.70+ds/src/hessian.c:1261:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:1285:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
{ strcpy(hname+baselength,"_C.dat");
data/evolver-2.70+ds/src/hessian.c:1289:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:1306:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hname+baselength,"_P.dat");
data/evolver-2.70+ds/src/hessian.c:1310:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:1320:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
{ strcpy(hname+baselength,"_solution.dat");
data/evolver-2.70+ds/src/hessian.c:1323:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:1339:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hname[200],bname[200];
data/evolver-2.70+ds/src/hessian.c:1368:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(hname,"w");
data/evolver-2.70+ds/src/hessian.c:2452:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/evolver-2.70+ds/src/hessian.c:2458:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(name,"w");
data/evolver-2.70+ds/src/hessian2.c:458:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)rs_save,(char*)rs,sizeof(REAL)*S.A_rows);
data/evolver-2.70+ds/src/hessian2.c:624:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d at %2.*Qg\n",DPREC,cright-cleft,mid);
data/evolver-2.70+ds/src/hessian2.c:626:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d at %2.*Lg\n",DPREC,cright-cleft,mid);
data/evolver-2.70+ds/src/hessian2.c:628:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d at %2.15g\n",cright-cleft,mid);
data/evolver-2.70+ds/src/hessian2.c:662:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[20];
data/evolver-2.70+ds/src/hessian2.c:677:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxk = atoi(response);
data/evolver-2.70+ds/src/hessian2.c:852:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Eigencounts: %d <, %d ==, %d > \n",S.neg,S.zero,S.pos);
data/evolver-2.70+ds/src/hessian2.c:948:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Eigencounts: %d <, %d ==, %d > \n",S.neg,S.zero,S.pos);
data/evolver-2.70+ds/src/hessian2.c:955:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %*.*Qf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian2.c:957:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %*.*Lf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian2.c:959:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%d %20.15f\n",i+1,evalues[i]);
data/evolver-2.70+ds/src/hessian2.c:1173:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(basis[which]),(char*)w,S->N*sizeof(REAL));
data/evolver-2.70+ds/src/hessian2.c:1337:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"QR residual %*.*Qf\n",DWIDTH,DPREC,resid);
data/evolver-2.70+ds/src/hessian2.c:1339:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"QR residual %*.*Lf\n",DWIDTH,DPREC,resid);
data/evolver-2.70+ds/src/hessian2.c:1341:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"QR residual %20.15f\n",resid);
data/evolver-2.70+ds/src/hessian2.c:1439:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Eigencounts: %d <, %d ==, %d > \n",S->neg,S->zero,S->pos);
data/evolver-2.70+ds/src/hessian2.c:1500:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(rbasis[i]),(char*)(mw[i]),Met.N*sizeof(REAL));
data/evolver-2.70+ds/src/hessian2.c:1524:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %*.*Qf\n",converged,DWIDTH,DPREC,1/evalues[i]+lambda);
data/evolver-2.70+ds/src/hessian2.c:1526:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %*.*Lf\n",converged,DWIDTH,DPREC,1/evalues[i]+lambda);
data/evolver-2.70+ds/src/hessian2.c:1528:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. %20.15f\n",converged,1/evalues[i]+lambda);
data/evolver-2.70+ds/src/hessian2.c:1580:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ if ( evalues[i] > 1e29 ) sprintf(msg,"%3d. Singular??\n",i+1);
data/evolver-2.70+ds/src/hessian2.c:1582:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"%3d. %*.*Qf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian2.c:1584:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"%3d. %*.*Lf\n",i+1,DWIDTH,DPREC,evalues[i]);
data/evolver-2.70+ds/src/hessian2.c:1586:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(msg,"%3d. %18.13f\n",i+1,evalues[i]);
data/evolver-2.70+ds/src/hessian2.c:1590:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/evolver-2.70+ds/src/hessian3.c:531:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"YSMP allocation at %p of %d*8 short by %d*8. Expanding.\n",
data/evolver-2.70+ds/src/hessian3.c:534:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"YSMP allocation at %p of %d*8 over by %d*8. Reducing.\n",
data/evolver-2.70+ds/src/hessian3.c:541:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"New allocation at %p.\n",S->ISP); outstring(msg); }
data/evolver-2.70+ds/src/hessian3.c:624:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error after ODRV: N = %d FLAG = %d -- ",N,FLAG);
data/evolver-2.70+ds/src/hessian3.c:626:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg+strlen(errmsg),"Internal error: Insufficient storage in MD, K = %d\n",FLAG-9*N);
data/evolver-2.70+ds/src/hessian3.c:628:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Internal error: Insufficient storage in ODRV\n");
data/evolver-2.70+ds/src/hessian3.c:630:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Internal error: Illegal path specification in ORDV\n");
data/evolver-2.70+ds/src/hessian3.c:632:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: Mysterious value of FLAG in ORDV: %d\n",FLAG);
data/evolver-2.70+ds/src/hessian3.c:652:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: SDRVMD: Storage shortage: ESP = %d\n",ESP);
data/evolver-2.70+ds/src/hessian3.c:667:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: after SDRVMD: N = %d FLAG = %d -- ",N,FLAG);
data/evolver-2.70+ds/src/hessian3.c:670:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c,"Internal error, SDRV: Duplicate entry in A at row %d\n",FLAG-2*N);
data/evolver-2.70+ds/src/hessian3.c:672:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c,"Internal error, SDRV: Insufficient storage in SSF at row %d\n",FLAG-6*N);
data/evolver-2.70+ds/src/hessian3.c:674:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c,"Internal error, SDRV: Insufficient storage in SNF\n");
data/evolver-2.70+ds/src/hessian3.c:676:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c,"Internal error, SDRV: Zero pivot at row %d\n",FLAG-8*N);
data/evolver-2.70+ds/src/hessian3.c:678:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c,"Internal error, SDRV: Insufficient storage in SDRV\n");
data/evolver-2.70+ds/src/hessian3.c:680:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c,"Internal error, SDRV: Illegal path specification\n");
data/evolver-2.70+ds/src/hidim.c:68:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," %8lX %18.15f %18.15f %18.15f\n",(unsigned long)ffe,
data/evolver-2.70+ds/src/iterate.c:233:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Max normal change: %f. Restoring coordinates.\n",
data/evolver-2.70+ds/src/iterate.c:254:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Estimated energy change: %#*.*Qg\n",DWIDTH,DPREC,
data/evolver-2.70+ds/src/iterate.c:257:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Actual energy change : %#*.*Qg\n",DWIDTH,DPREC,
data/evolver-2.70+ds/src/iterate.c:261:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Estimated energy change: %#*.*Lg\n",DWIDTH,DPREC,
data/evolver-2.70+ds/src/iterate.c:264:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Actual energy change : %#*.*Lg\n",DWIDTH,DPREC,
data/evolver-2.70+ds/src/iterate.c:268:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Estimated energy change: %#20.15g\n",estimate_decrease());
data/evolver-2.70+ds/src/iterate.c:270:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Actual energy change : %#20.15g\n",
data/evolver-2.70+ds/src/iterate.c:277:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Qg scale: %#Qg\n",gocount,DWIDTH,DPREC,
data/evolver-2.70+ds/src/iterate.c:280:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%3d. energy: %#*.*Lg scale: %#Lg\n",gocount,DWIDTH,DPREC,
data/evolver-2.70+ds/src/iterate.c:714:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Total constraint difference would increase by factor of %f.\nAborting constraint adjustment.\n",(DOUBLE)fabs(diff/old_diff) );
data/evolver-2.70+ds/src/iterate.c:733:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Volume or quantity constraints don't converge in 10 projections.\nTotal difference %g times tolerance\n",(DOUBLE)diff);
data/evolver-2.70+ds/src/iterate.c:834:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(saver->coord+loc_ordinal(v_id)),(char *)get_param(v_id),
data/evolver-2.70+ds/src/iterate.c:837:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(saver->coord+loc_ordinal(v_id)),(char *)get_coord(v_id),
data/evolver-2.70+ds/src/iterate.c:846:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(get_oldcoord(v_id)),(char *)get_param(v_id),
data/evolver-2.70+ds/src/iterate.c:849:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(get_oldcoord(v_id)),(char *)get_coord(v_id),
data/evolver-2.70+ds/src/iterate.c:978:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)p,(char *)(saver->coord+loc_ordinal(v_id)),
data/evolver-2.70+ds/src/iterate.c:981:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)p,(char *)(get_oldcoord(v_id)),
data/evolver-2.70+ds/src/iterate.c:988:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)get_coord(v_id),(char *)(saver->coord+loc_ordinal(v_id)),
data/evolver-2.70+ds/src/iterate.c:991:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)get_coord(v_id),(char *)(get_oldcoord(v_id)),
data/evolver-2.70+ds/src/iterate.c:1102:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/iterate.c:1110:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter wave vector (%Qf,%Qf,%Qf;r): ",wavev[0],wavev[1],wavev[2]);
data/evolver-2.70+ds/src/iterate.c:1112:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter wave vector (%Lf,%Lf,%Lf;r): ",wavev[0],wavev[1],wavev[2]);
data/evolver-2.70+ds/src/iterate.c:1114:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter wave vector (%f,%f,%f;r): ",wavev[0],wavev[1],wavev[2]);
data/evolver-2.70+ds/src/iterate.c:1122:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ( atoi(response) != 0 ) srand(atoi(response));
data/evolver-2.70+ds/src/iterate.c:1122:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ( atoi(response) != 0 ) srand(atoi(response));
data/evolver-2.70+ds/src/iterate.c:1149:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter phase (%f;r): ",(DOUBLE)phase);
data/evolver-2.70+ds/src/iterate.c:1164:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Enter amplitude (%f,%f,%f;r): ",(DOUBLE)amp[0],(DOUBLE)amp[1],(DOUBLE)amp[2]);
data/evolver-2.70+ds/src/khyp.c:142:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)b,(char*)a,PDIM*PDIM*sizeof(REAL));
data/evolver-2.70+ds/src/khyp.c:265:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Trying to compose %d-%d and %d-%d\n",g1,gk,h1,hk);
data/evolver-2.70+ds/src/khyp.c:266:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg,"khyp: Wrap outside known range\n");
data/evolver-2.70+ds/src/khyp.c:310:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy((char *)xform,(char*)yform,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/khyp.c:324:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(w+1),(char*)x,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/lex.h:26:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lexeme[LEXEME_SIZE+1]; /* for identifiers */
data/evolver-2.70+ds/src/lexinit.c:614:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hessian_special_normal_expr[i].name,
data/evolver-2.70+ds/src/lexinit.c:618:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:710:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Space dimension too high. Recompile with -DMAXCOORD=%d as compiler option.\n",yylval.i);
data/evolver-2.70+ds/src/lexinit.c:717:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:760:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[ATTR_NAME_SIZE+1];
data/evolver-2.70+ds/src/lexinit.c:840:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Bad conformal metric definition.\n");
data/evolver-2.70+ds/src/lexinit.c:843:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(web.metric[0][0].name,"conformal metric");
data/evolver-2.70+ds/src/lexinit.c:866:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:870:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(web.metric[i][j].name,"metric component [%d][%d]",
data/evolver-2.70+ds/src/lexinit.c:998:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:1375:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mobility_formula.name,"mobility formula");
data/evolver-2.70+ds/src/lexinit.c:1392:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:1396:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mobility_tensor[i][j].name,
data/evolver-2.70+ds/src/lexinit.c:1450:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid INTEGRAL_ORDER value %d.\n",yylval.i);
data/evolver-2.70+ds/src/lexinit.c:1470:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid INTEGRAL_ORDER_1D value %d.\n",yylval.i);
data/evolver-2.70+ds/src/lexinit.c:1487:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid INTEGRAL_ORDER_2D value %d.\n",yylval.i);
data/evolver-2.70+ds/src/lexinit.c:1813:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of vertices popped: %d\n", n = verpop_str());
data/evolver-2.70+ds/src/lexinit.c:1815:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of vertices popped: %d\n", n = edgepop_film());
data/evolver-2.70+ds/src/lexinit.c:2027:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *spots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/lexinit.c:2176:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Task number %d must be between 1 and %d, %d\n",
data/evolver-2.70+ds/src/lexinit.c:2221:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Duplicate vertex number %d\n",k);
data/evolver-2.70+ds/src/lexinit.c:2344:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:2359:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "Wrong number of parameters for vertex %d.\n",k);
data/evolver-2.70+ds/src/lexinit.c:2388:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:2431:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Wrong number of coordinates for vertex %d.\n",k);
data/evolver-2.70+ds/src/lexinit.c:2513:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Task number %d must be between 1 and %d\n",
data/evolver-2.70+ds/src/lexinit.c:2549:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Duplicate edge number %d\n",k);
data/evolver-2.70+ds/src/lexinit.c:2584:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Task number %d exceeds number of tasks running, %d\n",
data/evolver-2.70+ds/src/lexinit.c:2602:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Edge %d: vertex %d is not defined.\n",k,yylval.i);
data/evolver-2.70+ds/src/lexinit.c:2769:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:2802:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:2890:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[32];
data/evolver-2.70+ds/src/lexinit.c:3013:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Task number %d must be between 1 and %d\n",
data/evolver-2.70+ds/src/lexinit.c:3051:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Duplicate face number %d\n",k);
data/evolver-2.70+ds/src/lexinit.c:3073:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Task number %d exceeds number of tasks running, %d\n",
data/evolver-2.70+ds/src/lexinit.c:3089:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Facet %d: vertex %d is not defined.\n",k,yylval.i);
data/evolver-2.70+ds/src/lexinit.c:3114:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Edge task number %d exceeds number of tasks running, %d\n",
data/evolver-2.70+ds/src/lexinit.c:3138:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Facet %d: edge %d is not defined.\n",k,abs(e));
data/evolver-2.70+ds/src/lexinit.c:3147:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Facet %d: edge %d is not defined.\n",k,e);
data/evolver-2.70+ds/src/lexinit.c:3160:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Inconsistency in face %d, edge %d tail vertex disagrees with previous head.\n",
data/evolver-2.70+ds/src/lexinit.c:3196:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Face %d has too few edges.\n",k);
data/evolver-2.70+ds/src/lexinit.c:3214:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:3233:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Facet %d: vertex %d is not defined.\n",k,yylval.i);
data/evolver-2.70+ds/src/lexinit.c:3412:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:3439:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit.c:3495:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char name[100];
data/evolver-2.70+ds/src/lexinit.c:3510:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[32];
data/evolver-2.70+ds/src/lexinit.c:3593:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Task number %d must be between 1 and %d\n",
data/evolver-2.70+ds/src/lexinit.c:3615:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Duplicate body number %d\n",k);
data/evolver-2.70+ds/src/lexinit.c:3639:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Task number %d exceeds number of tasks running, %d\n",
data/evolver-2.70+ds/src/lexinit.c:3650:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Body %d: face %d is not defined.\n",k,f);
data/evolver-2.70+ds/src/lexinit.c:3655:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Body %d: face %d is not defined.\n",k,f);
data/evolver-2.70+ds/src/lexinit.c:3663:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Body %d has no faces.\n",k);
data/evolver-2.70+ds/src/lexinit2.c:79:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:85:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(torus_period_expr[i][j].name,"torus period [%d][%d]",i,j);
data/evolver-2.70+ds/src/lexinit2.c:110:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/lexinit2.c:116:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(torus_display_period_expr[i][j].name,"display period [%d][%d]",i,j);
data/evolver-2.70+ds/src/lexinit2.c:206:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k = atoi(msg);
data/evolver-2.70+ds/src/lexinit2.c:232:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Missing '=' after parameter name on line %d.\n",errline);
data/evolver-2.70+ds/src/lexinit2.c:315:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Bad boundary number: %d.\n",bnum);
data/evolver-2.70+ds/src/lexinit2.c:351:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Boundary number %d already defined.\n",bnum);
data/evolver-2.70+ds/src/lexinit2.c:410:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(web.boundaries[bnum].name,"%d",bnum);
data/evolver-2.70+ds/src/lexinit2.c:657:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Constraint number %d already defined.\n",cnum);
data/evolver-2.70+ds/src/lexinit2.c:718:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(con->name,"%d",cnum);
data/evolver-2.70+ds/src/lexinit2.c:904:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char mname[40];
data/evolver-2.70+ds/src/lexinit2.c:1050:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "Bad integrand definition.\n");
data/evolver-2.70+ds/src/lexinit2.c:1088:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ( (tolower(yytext[0]) != 'q') || (atoi(yytext+1) != 1 + i ))
data/evolver-2.70+ds/src/lexinit2.c:1089:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Expected component %d definition.\n",i+1);
data/evolver-2.70+ds/src/lexinit2.c:1096:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "Bad component %d definition.\n",i+1);
data/evolver-2.70+ds/src/lexinit2.c:1104:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"k_vector method needs only %d (complement of order) vectors.\n",(SDIM-METH_INSTANCE(mnum)->vec_order));
data/evolver-2.70+ds/src/lexinit2.c:1135:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ( (tolower(yytext[0]) != 'q') || (atoi(yytext+1) != 1 + i ) )
data/evolver-2.70+ds/src/lexinit2.c:1136:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Expected component %d definition.\n",i+1);
data/evolver-2.70+ds/src/lexinit2.c:1142:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "Bad component %d definition.\n",i+1);
data/evolver-2.70+ds/src/lexinit2.c:1210:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[400];
data/evolver-2.70+ds/src/lexinit2.c:1213:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name[400];
data/evolver-2.70+ds/src/lexinit2.c:1273:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name+strlen(inst_name),"%d_",++namecount);
data/evolver-2.70+ds/src/lexinit2.c:1352:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "Bad function definition.\n");
data/evolver-2.70+ds/src/lexinit2.c:1924:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[200];
data/evolver-2.70+ds/src/lexinit2.c:1955:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(c);
data/evolver-2.70+ds/src/lexinit2.c:1958:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = atoi(c);
data/evolver-2.70+ds/src/lexinit2.c:1968:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Bad phase numbers: %d %d\n",i,j);
data/evolver-2.70+ds/src/lexinit2.c:2060:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[100];
data/evolver-2.70+ds/src/lexinit2.c:2061:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name[100];
data/evolver-2.70+ds/src/lexinit2.c:2072:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(qname,"constraint_%d_energy",i);
data/evolver-2.70+ds/src/lexinit2.c:2073:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name,"constraint_%d_energy_inst",i);
data/evolver-2.70+ds/src/lexinit2.c:2194:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name[40];
data/evolver-2.70+ds/src/lexinit2.c:2195:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[100];
data/evolver-2.70+ds/src/lexinit2.c:2200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formula[1000];
data/evolver-2.70+ds/src/lexinit2.c:2244:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(formula,"density*sqrt(");
data/evolver-2.70+ds/src/lexinit2.c:2256:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(METH_INSTANCE(meth)->expr[0]->name,"conformal metric");
data/evolver-2.70+ds/src/lexinit2.c:2263:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(formula,"density*sqrt(");
data/evolver-2.70+ds/src/lexinit2.c:2267:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if ( i==j ) sprintf(formula+strlen(formula),"X%d^2*(",i+SDIM);
data/evolver-2.70+ds/src/lexinit2.c:2268:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(formula+strlen(formula),"2*X%d*X%d*(",i+SDIM,j+SDIM);
data/evolver-2.70+ds/src/lexinit2.c:2281:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(METH_INSTANCE(meth)->expr[0]->name,"conformal metric");
data/evolver-2.70+ds/src/lexinit2.c:2326:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(formula,"density*(");
data/evolver-2.70+ds/src/lexinit2.c:2338:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(METH_INSTANCE(meth)->expr[0]->name,"conformal metric");
data/evolver-2.70+ds/src/lexinit2.c:2370:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(qname,"boundary_%d_energy",i);
data/evolver-2.70+ds/src/lexinit2.c:2371:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name,"boundary_%d_energy_inst",i);
data/evolver-2.70+ds/src/lexinit2.c:2407:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(qname,"gravity_quant");
data/evolver-2.70+ds/src/lexinit2.c:2408:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name,"gravity_inst");
data/evolver-2.70+ds/src/lexinit2.c:2432:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(qname,"sq_mean_curvature_quant");
data/evolver-2.70+ds/src/lexinit2.c:2433:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name,"sq_mean_curvature_inst");
data/evolver-2.70+ds/src/lexinit2.c:2449:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(qname,"gap_quant");
data/evolver-2.70+ds/src/lexinit2.c:2450:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name,"gap_energy");
data/evolver-2.70+ds/src/lexinit2.c:2479:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name1[40];
data/evolver-2.70+ds/src/lexinit2.c:2480:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[40];
data/evolver-2.70+ds/src/lexinit2.c:2485:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formula[100];
data/evolver-2.70+ds/src/lexinit2.c:2489:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(qname,"body_%d_vol",i);
data/evolver-2.70+ds/src/lexinit2.c:2490:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name1,"body_%d_vol_meth",i);
data/evolver-2.70+ds/src/lexinit2.c:2542:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ if ( j==0 )sprintf(formula,"-y/2");
data/evolver-2.70+ds/src/lexinit2.c:2543:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if ( j==1 )sprintf(formula,"x/2");
data/evolver-2.70+ds/src/lexinit2.c:2548:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(METH_INSTANCE(meth1)->expr[j]->name,
data/evolver-2.70+ds/src/lexinit2.c:2605:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(formula,"x%d/%d",j+1,SDIM);
data/evolver-2.70+ds/src/lexinit2.c:2610:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(METH_INSTANCE(meth1)->expr[j]->name,
data/evolver-2.70+ds/src/lexinit2.c:2646:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name1,"body_%d_con_%d_meth",i,j);
data/evolver-2.70+ds/src/lexinit2.c:2820:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name1[40];
data/evolver-2.70+ds/src/lexinit2.c:2821:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[40];
data/evolver-2.70+ds/src/lexinit2.c:2823:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formula[100];
data/evolver-2.70+ds/src/lexinit2.c:2827:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(qname,"body_%d_vol",i);
data/evolver-2.70+ds/src/lexinit2.c:2828:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name1,"body_%d_vol_meth",i);
data/evolver-2.70+ds/src/lexinit2.c:2885:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if ( j==0 )sprintf(formula,"-y/2");
data/evolver-2.70+ds/src/lexinit2.c:2886:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else if ( j==1 )sprintf(formula,"x/2");
data/evolver-2.70+ds/src/lexinit2.c:2893:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(METH_INSTANCE(meth1)->expr[j]->name,
data/evolver-2.70+ds/src/lexinit2.c:2937:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(formula,"x%d/%d",j+1,SDIM);
data/evolver-2.70+ds/src/lexinit2.c:2943:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mi->expr[j]->name,"symmetric content component %d",j+1);
data/evolver-2.70+ds/src/lexinit2.c:2977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name1[100];
data/evolver-2.70+ds/src/lexinit2.c:2982:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name1,"body_%d_con_%d_meth",ordinal(b_id)+1,connum);
data/evolver-2.70+ds/src/lexinit2.c:3019:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name1[100];
data/evolver-2.70+ds/src/lexinit2.c:3053:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name1[100];
data/evolver-2.70+ds/src/lexinit2.c:3111:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(inst_name1,"body_%d_con_%d_meth",ordinal(b_id)+1,j);
data/evolver-2.70+ds/src/lexinit2.c:3159:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char name[100];
data/evolver-2.70+ds/src/lexinit2.c:3173:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(b_id)+1,connum);
data/evolver-2.70+ds/src/lexinit2.c:3184:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(b_id)+1,connum);
data/evolver-2.70+ds/src/lexinit2.c:3216:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char name[100];
data/evolver-2.70+ds/src/lexinit2.c:3226:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(b_id)+1,connum);
data/evolver-2.70+ds/src/lexinit2.c:3235:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(b_id)+1,connum&CONMASK);
data/evolver-2.70+ds/src/lexinit2.c:3356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[1000];
data/evolver-2.70+ds/src/lexinit2.c:3359:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(qname,"body_%d_ambient_energy",ordinal(b_id)+1);
data/evolver-2.70+ds/src/lexinit2.c:3364:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(volsum,"body[%d].volconst",ordinal(b_id)+1);
data/evolver-2.70+ds/src/lexinit2.c:3370:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(volsum,".value");
data/evolver-2.70+ds/src/lexinit2.c:3404:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *spots[MAXARRAYDIMS];
data/evolver-2.70+ds/src/lexyy.c:663:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char errbuff[ERRBUFFSIZE+4]; /* for reporting spot of error */
data/evolver-2.70+ds/src/lexyy.c:720:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(yytext,"generated error");
data/evolver-2.70+ds/src/lexyy.c:1869:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.i = atoi(strtok(yytext,whitespace));
data/evolver-2.70+ds/src/lexyy.c:1881:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.i = atoi(c);
data/evolver-2.70+ds/src/lexyy.c:1893:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.i = atoi(yytext);
data/evolver-2.70+ds/src/lexyy.c:1901:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.i = atoi(yytext);
data/evolver-2.70+ds/src/lexyy.c:1902:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.qnum = atoi(strchr(yytext,'@')+1);
data/evolver-2.70+ds/src/lexyy.c:1908:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.i = atoi(yytext);
data/evolver-2.70+ds/src/lexyy.c:1909:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.qnum = atoi(strchr(yytext,'@')+1);
data/evolver-2.70+ds/src/lexyy.c:2170:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Illegal token: %c\n",yytext[0]);
data/evolver-2.70+ds/src/lexyy.c:2172:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Illegal token: 0x%02X\n",yytext[0]);
data/evolver-2.70+ds/src/lexyy.c:3091:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char morebuff[MOREMAX+2];
data/evolver-2.70+ds/src/lexyy.c:3157:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy(errbuff,errbuff+ERRBUFFSIZE/2,ERRBUFFSIZE/2);
data/evolver-2.70+ds/src/lexyy.c:3259:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str," Input line so far: \n");
data/evolver-2.70+ds/src/lexyy.c:3581:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.i = atoi(lexeme+1);
data/evolver-2.70+ds/src/lexyy.c:3589:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.i = atoi(lexeme+1);
data/evolver-2.70+ds/src/lexyy.c:3598:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.i = atoi(lexeme+1);
data/evolver-2.70+ds/src/lexyy.c:3607:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.i = atoi(lexeme+3);
data/evolver-2.70+ds/src/lexyy.c:3639:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"vertex_normal");
data/evolver-2.70+ds/src/lexyy.c:3643:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"vertex_normal");
data/evolver-2.70+ds/src/lexyy.c:3645:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"edge_vector");
data/evolver-2.70+ds/src/lexyy.c:3647:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"facet_normal");
data/evolver-2.70+ds/src/lexyy.c:3649:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"v_force");
data/evolver-2.70+ds/src/lexyy.c:3651:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"v_velocity");
data/evolver-2.70+ds/src/lexyy.c:3653:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"v_constraint_list");
data/evolver-2.70+ds/src/lexyy.c:3655:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"e_constraint_list");
data/evolver-2.70+ds/src/lexyy.c:3657:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lexeme,"f_constraint_list");
data/evolver-2.70+ds/src/lexyy.c:3907:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ static char name[82];
data/evolver-2.70+ds/src/lexyy.c:3913:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ static char name[82];
data/evolver-2.70+ds/src/lexyy.c:3919:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ static char name[82];
data/evolver-2.70+ds/src/lexyy.c:4280:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Illegal character '%c'\n",nextchar);
data/evolver-2.70+ds/src/lexyy.c:4459:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Illegal # directive, line %d.\n",line_no);
data/evolver-2.70+ds/src/lexyy.c:4571:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.i = atoi(yytext);
data/evolver-2.70+ds/src/lexyy.c:4623:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.i = atoi(yytext);
data/evolver-2.70+ds/src/lexyy.c:4665:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.i = atoi(yytext);
data/evolver-2.70+ds/src/lexyy.c:4666:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.qnum = atoi(strchr(yytext,'@')+1);
data/evolver-2.70+ds/src/lexyy.c:4668:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg, "Missing task number, line %d.",line_no);
data/evolver-2.70+ds/src/lexyy.c:4681:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.i = atoi(yytext);
data/evolver-2.70+ds/src/lexyy.c:4682:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yylval.qnum = atoi(strchr(yytext,'@')+1);
data/evolver-2.70+ds/src/lexyy.c:4685:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Missing task number. Line %d",line_no);
data/evolver-2.70+ds/src/lexyy.c:4742:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Missing exponent for scientific notation. Line %d\n",line_no);
data/evolver-2.70+ds/src/lexyy.c:4812:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Illegal token '::' Line %d\n",line_no);
data/evolver-2.70+ds/src/lexyy.c:4822:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Illegal token ':::' Line %d\n",line_no);
data/evolver-2.70+ds/src/lexyy.c:4924:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Illegal token '&' Line %d\n",line_no);
data/evolver-2.70+ds/src/matrix.c:55:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)a[i],(char *)b[i],cols*sizeof(REAL));
data/evolver-2.70+ds/src/matrix.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
memcpy((char *)a[i],(char *)b[i],cols*sizeof(REAL));
data/evolver-2.70+ds/src/matrix.c:55:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
memcpy((char *)a[i],(char *)b[i],cols*sizeof(REAL));
data/evolver-2.70+ds/src/matrix.c:484:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
myfree((char *)m[-1]); /* using private pointer */
data/evolver-2.70+ds/src/matrix.c:491:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
myfree((char *)m[-1]);
data/evolver-2.70+ds/src/matrix.c:498:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
myfree((char *)m[-1]);
data/evolver-2.70+ds/src/matrix.c:506:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp_free((char *)m[-1]); /* using private pointer */
data/evolver-2.70+ds/src/matrix.c:513:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp_free((char *)m[-1]);
data/evolver-2.70+ds/src/matrix.c:520:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp_free((char *)m[-1]);
data/evolver-2.70+ds/src/matrix.c:1485:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"%10.6f ",(DOUBLE)a[i][j]);
data/evolver-2.70+ds/src/matrix.c:1528:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,"Exterior product of %d vectors.\n",k);
data/evolver-2.70+ds/src/matrix.c:2001:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Sparse init alloc: %d\n",S->table_size);
data/evolver-2.70+ds/src/matrix.c:2050:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Expanded hashtable size: %d.\n",S->table_size);
data/evolver-2.70+ds/src/matrix.c:2204:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Sparse entries: %d Final hashtable size: %d\n",
data/evolver-2.70+ds/src/matrix.c:2207:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Hash extra probes: %d\n",S->hash_extraprobes);
data/evolver-2.70+ds/src/method5.c:134:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg," SVK_elastic: Facet %d has unstrained area 0.\n",
data/evolver-2.70+ds/src/method5.c:422:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg," Neo_Hookean: Facet %d has unstrained area 0.\n",
data/evolver-2.70+ds/src/method5.c:811:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"LambertW: No convergence at z=%g, exiting.\n",(DOUBLE)z);
data/evolver-2.70+ds/src/metis.c:82:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"metis called with %d parts; must be at least 2 parts.\n",parts);
data/evolver-2.70+ds/src/metis.c:900:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy((char*)Met.P,(char*)S->P,S->N*sizeof(int));
data/evolver-2.70+ds/src/metis.c:901:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)Met.IP,(char*)S->IP,S->N*sizeof(int));
data/evolver-2.70+ds/src/metis.c:944:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%2d %12g\n",k+1,(DOUBLE)critflops[k]); outstring(msg); }
data/evolver-2.70+ds/src/metis.c:951:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Critical path flops: %12.0f\n",(DOUBLE)critpath);
data/evolver-2.70+ds/src/metis.c:954:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Total fill: %ld Total flops(flop=mul+add): %g Fillspace: %ld\n",
data/evolver-2.70+ds/src/metric.c:487:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)f,(char*)temp,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/mindeg.c:184:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Elimcount %d of %d; regions %d\n",elim_count,S->N,rcount);
data/evolver-2.70+ds/src/mindeg.c:693:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(CHAR(newverlist),CHAR(s->verlist),s->vercount*sizeof(int));
data/evolver-2.70+ds/src/mindeg.c:694:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(CHAR(newverlist+s->vercount),CHAR(ss->verlist),
data/evolver-2.70+ds/src/mindeg.c:1687:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: fill %d != total_fill %d\n",fill,total_fill);
data/evolver-2.70+ds/src/mindeg.c:1703:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy((char*)Met.P,(char*)S->P,S->N*sizeof(int));
data/evolver-2.70+ds/src/mindeg.c:1704:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)Met.IP,(char*)S->IP,S->N*sizeof(int));
data/evolver-2.70+ds/src/mindeg.c:2134:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mkl_error[12] = {
data/evolver-2.70+ds/src/mindeg.c:2238:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of nonzeros in factors = %d\n", S->iparm[17]);
data/evolver-2.70+ds/src/mindeg.c:2240:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Number of factorization MFLOPS = %d\n", S->iparm[18]);
data/evolver-2.70+ds/src/mindeg.c:2271:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"MKL - number of perturbed pivots: %d\n",S->iparm[13]);
data/evolver-2.70+ds/src/mindeg.c:2273:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"MKL - peak symbolic factorization memory: %d KB\n",S->iparm[14]);
data/evolver-2.70+ds/src/mindeg.c:2275:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"MKL - permanent symbolic factorization memory: %d KB\n",S->iparm[15]);
data/evolver-2.70+ds/src/mindeg.c:2277:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"MKL - numeric factorization memory: %d KB\n",S->iparm[16]);
data/evolver-2.70+ds/src/mindeg.c:2331:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg,"ERROR during MKL solution: %d\n", error);
data/evolver-2.70+ds/src/model.c:230:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Lagrange order must be at most %d.\n",MAXLAGRANGE);
data/evolver-2.70+ds/src/model.c:631:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ans[100];
data/evolver-2.70+ds/src/model.c:2187:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: Duplicate vertex in baryhash!\n nn = %d newv = %08lX b->v_id = %08lX\n",nn,
data/evolver-2.70+ds/src/model.c:2626:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/oglgraph.c:54:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char opengl_version[20]; /* from glGetString */
data/evolver-2.70+ds/src/oglgraph.c:426:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked vertex %d\n",pickvnum);
data/evolver-2.70+ds/src/oglgraph.c:430:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked edge %d\n",pickenum);
data/evolver-2.70+ds/src/oglgraph.c:437:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Picked facet %d\n",pickfnum);
data/evolver-2.70+ds/src/oglgraph.c:611:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"\nEdge front bias now %f\n",edge_bias); outstring(msg);
data/evolver-2.70+ds/src/oglgraph.c:616:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"\nEdge front bias now %f\n",edge_bias); outstring(msg);
data/evolver-2.70+ds/src/oglgraph.c:1207:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"\n%d edges, %d facets\n",edgecount/2,facetcount/3);
data/evolver-2.70+ds/src/oglgraph.c:1220:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(fullarray+edgecount),(char*)facetarray,facetcount*sizeof(struct vercol));
data/evolver-2.70+ds/src/oglgraph.c:1231:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"After indexing: %d unique vertices, %d unique edges\n",
data/evolver-2.70+ds/src/oglgraph.c:1692:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bestverts,stripdata+striparray[stripnum].start,bestlength*sizeof(int));
data/evolver-2.70+ds/src/oglgraph.c:1693:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bestfacets,trialstrip,(bestlength-2)*sizeof(int));
data/evolver-2.70+ds/src/oglgraph.c:1699:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stripdata+striparray[stripnum].start,bestverts,bestlength*sizeof(int));
data/evolver-2.70+ds/src/oglgraph.c:1726:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"After stripping: %d edgestrips, %d facetstrips\n",
data/evolver-2.70+ds/src/painter.c:367:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Sweep completed. Done %lld of %lld items.\n",(long long)sweep_done,
data/evolver-2.70+ds/src/painter.c:2640:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: visibility list out of order by %f.\n",
data/evolver-2.70+ds/src/pixgraph.c:35:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pix_file_name[150]; /* base picture name */
data/evolver-2.70+ds/src/pixgraph.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quadname[160]; /* quadrilateral file */
data/evolver-2.70+ds/src/pixgraph.c:40:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[120];
data/evolver-2.70+ds/src/pixgraph.c:79:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Thicken(n | y [thickness(%g)])? ",(DOUBLE)thickness);
data/evolver-2.70+ds/src/pixgraph.c:93:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(quadname,".quad");
data/evolver-2.70+ds/src/pixgraph.c:95:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pfd = fopen(quadname,"w");
data/evolver-2.70+ds/src/popfilm.c:46:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Edges popped: %d\n",popped); outstring(msg);
data/evolver-2.70+ds/src/popfilm.c:358:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)normalA,(char *)normalB,sizeof(normalA));
data/evolver-2.70+ds/src/popfilm.c:1946:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)prevnormal,(char *)thisnormal,sizeof(prevnormal));
data/evolver-2.70+ds/src/popfilm.c:3828:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg," Probably a face of a pyramid or triangular prism.\n");
data/evolver-2.70+ds/src/popfilm.c:3897:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"New quad not created.\n");
data/evolver-2.70+ds/src/psgraph.c:30:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ps_file_name[1000];
data/evolver-2.70+ds/src/psgraph.c:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char response[100];
data/evolver-2.70+ds/src/psgraph.c:95:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ps_file_name,".ps");
data/evolver-2.70+ds/src/psgraph.c:96:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(ps_file_name,"w");
data/evolver-2.70+ds/src/psgraph.c:451:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[200];
data/evolver-2.70+ds/src/psgraph.c:461:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr," %7.5f %7.5f",(DOUBLE)t->x[0][0],(DOUBLE)t->x[0][1]);
data/evolver-2.70+ds/src/psgraph.c:463:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr," %7.5f %7.5f",(DOUBLE)t->x[1][0],(DOUBLE)t->x[1][1]);
data/evolver-2.70+ds/src/psgraph.c:465:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr," %7.5f %7.5f",(DOUBLE)t->x[2][0],(DOUBLE)t->x[2][1]);
data/evolver-2.70+ds/src/psgraph.c:473:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr," %5.3f %5.3f %5.3f ",
data/evolver-2.70+ds/src/psgraph.c:486:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr," %5.3f %5.3f %5.3f %5.3f ",(DOUBLE)(c-k),
data/evolver-2.70+ds/src/psgraph.c:492:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(ptr," %5.3f",
data/evolver-2.70+ds/src/psgraph.c:500:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(ptr," %f ",(DOUBLE)gray); ptr += strlen(ptr); }
data/evolver-2.70+ds/src/psgraph.c:503:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(ptr," fb "); do_flag = 1; }
data/evolver-2.70+ds/src/psgraph.c:505:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr," fc ");
data/evolver-2.70+ds/src/psgraph.c:514:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr," no");
data/evolver-2.70+ds/src/psgraph.c:520:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line," 4 2 roll ");
data/evolver-2.70+ds/src/psgraph.c:523:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr,"\n "); ptr += strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:525:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr," %5.3f %5.3f %5.3f ",((c>>24)&0xFF)/255.,
data/evolver-2.70+ds/src/psgraph.c:530:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(ptr," %5.3f",(DOUBLE)cmyk_colors[c][j]);
data/evolver-2.70+ds/src/psgraph.c:535:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(ptr," %5.3f",(DOUBLE)rgb_colors[c][j]);
data/evolver-2.70+ds/src/psgraph.c:545:12: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line," noc");
data/evolver-2.70+ds/src/psgraph.c:549:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line+strlen(line)," %7.5f edge ",
data/evolver-2.70+ds/src/psgraph.c:552:46: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( t->etype[i] & BARE_EDGE ) strcat(line," bw");
data/evolver-2.70+ds/src/psgraph.c:553:47: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( t->etype[i] & FIXED_EDGE ) strcat(line," fw");
data/evolver-2.70+ds/src/psgraph.c:554:52: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( t->etype[i] & CONSTRAINT_EDGE ) strcat(line," ww");
data/evolver-2.70+ds/src/psgraph.c:555:50: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( t->etype[i] & BOUNDARY_EDGE ) strcat(line," ww");
data/evolver-2.70+ds/src/psgraph.c:556:48: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( t->etype[i] & SINGLE_EDGE ) strcat(line," ww");
data/evolver-2.70+ds/src/psgraph.c:557:48: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( t->etype[i] & TRIPLE_EDGE ) strcat(line," tw");
data/evolver-2.70+ds/src/psgraph.c:558:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(line," gw"); /* regular grid interior edge */
data/evolver-2.70+ds/src/psgraph.c:582:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"%10.6f %10.6f %10.6f %10.6f %5.3f %5.3f %5.3f ",
data/evolver-2.70+ds/src/psgraph.c:586:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"%10.6f %10.6f %10.6f %10.6f %5.3f %5.3f %5.3f %5.3f ",
data/evolver-2.70+ds/src/psgraph.c:591:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"%10.6f %10.6f %10.6f %10.6f %5.3f %5.3f %5.3f ",
data/evolver-2.70+ds/src/psgraph.c:597:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,"%10.6f %10.6f %10.6f %10.6f ", t->x[i][0],
data/evolver-2.70+ds/src/psgraph.c:602:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(line," 4 2 roll ");
data/evolver-2.70+ds/src/psgraph.c:604:39: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if ( ep->etype & BARE_EDGE ) strcat(line," bw");
data/evolver-2.70+ds/src/psgraph.c:605:45: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( ep->etype & FIXED_EDGE ) strcat(line," fw");
data/evolver-2.70+ds/src/psgraph.c:606:50: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( ep->etype & CONSTRAINT_EDGE ) strcat(line," ww");
data/evolver-2.70+ds/src/psgraph.c:607:48: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( ep->etype & BOUNDARY_EDGE ) strcat(line," ww");
data/evolver-2.70+ds/src/psgraph.c:608:46: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( ep->etype & SINGLE_EDGE ) strcat(line," ww");
data/evolver-2.70+ds/src/psgraph.c:609:46: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else if ( ep->etype & TRIPLE_EDGE ) strcat(line," tw");
data/evolver-2.70+ds/src/psgraph.c:610:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(line," gw"); /* regular grid interior edge */
data/evolver-2.70+ds/src/quantity.c:724:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_name[40];
data/evolver-2.70+ds/src/quantity.c:727:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(inst_name,"_inst");
data/evolver-2.70+ds/src/quantity.c:2978:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"m_Hess init alloc: %d\n",m_table_size[me]);
data/evolver-2.70+ds/src/quantity.c:3385:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"m_hashcount[%d]: %d m_table_size[%d]: %d\n",
data/evolver-2.70+ds/src/quantity.c:3391:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"m_hash_extraprobes: %d\n",m_hash_extraprobes);
data/evolver-2.70+ds/src/quantity.h:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[QNAMESIZE]; /* for identification */
data/evolver-2.70+ds/src/quantity.h:121:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[QNAMESIZE]; /* for easy user identification */
data/evolver-2.70+ds/src/quantity.h:163:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MNAMESIZE];
data/evolver-2.70+ds/src/query.c:92:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ hnum = atoi(text+1);
data/evolver-2.70+ds/src/query.c:125:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(fulltext," "); /* indentation */
data/evolver-2.70+ds/src/query.c:158:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(qnode.name,"command");
data/evolver-2.70+ds/src/query.c:296:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: stack usage negative, %d, node type %d.\n",
data/evolver-2.70+ds/src/quotient.c:142:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)y,(char*)x,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/quotient.c:151:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy((char*)t,(char*)y,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/quotient.c:162:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)y,(char*)t,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/quotient.c:242:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)y,(char*)x,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/quotient.c:254:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)t,(char*)y,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/quotient.c:265:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)y,(char*)t,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/quotient.c:325:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)y,(char*)x,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/quotient.c:585:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)y,(char*)x,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/readline.c:86:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ static char hist[PATHSIZE];
data/evolver-2.70+ds/src/sdrv.c:672:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Internal error: sdrv: Diag[%d] = %g; max in row: %g; adding %g",k,(DOUBLE)dk,(DOUBLE)elt,(DOUBLE)hessian_epsilon);
data/evolver-2.70+ds/src/sdrv.c:683:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"sdrv: Intermediate matrix not positive definite. Diag[%d] = %g;",k,(DOUBLE)dk);
data/evolver-2.70+ds/src/sdrv.c:689:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg+strlen(msg)," Forcing positive to %g.",(DOUBLE)dk);
data/evolver-2.70+ds/src/simequi2.c:119:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Face doesn't have valid opposite facets.\n");
data/evolver-2.70+ds/src/simequi2.c:365:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Void violation by %g\n",(DOUBLE)(-SDIM_dot(z,z) + rr));
data/evolver-2.70+ds/src/skeleton.c:32:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *datatype_name[NUMDATATYPES] =
data/evolver-2.70+ds/src/skeleton.c:162:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/evolver-2.70+ds/src/skeleton.c:192:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(bb_id)+1,map[k]&CONMASK);
data/evolver-2.70+ds/src/skeleton.c:203:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(b_id)+1,map[k]&CONMASK);
data/evolver-2.70+ds/src/skeleton.c:584:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&(v_id_p->attr),(char *)&(elptr(old_v)->attr),
data/evolver-2.70+ds/src/skeleton.c:657:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&(e_id_p->attr),(char *)&(old_e_p->attr),
data/evolver-2.70+ds/src/skeleton.c:727:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&(f_id_p->attr),(char *)&(elptr(old_f)->attr),
data/evolver-2.70+ds/src/skeleton.c:784:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&(b_id_p->attr),(char *)&(elptr(old_b)->attr),
data/evolver-2.70+ds/src/skeleton.h:30:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[EXPNAMESIZE]; /* for error messages */
data/evolver-2.70+ds/src/skeleton.h:249:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char name[BDRYNAMESIZE]; /* name, if any */
data/evolver-2.70+ds/src/skeleton.h:267:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CONNAMESIZE]; /* constraint name */
data/evolver-2.70+ds/src/softimag.c:26:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[100];
data/evolver-2.70+ds/src/softimag.c:27:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/evolver-2.70+ds/src/softimag.c:37:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(file_name,".mdl");
data/evolver-2.70+ds/src/softimag.c:38:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name,"w");
data/evolver-2.70+ds/src/softimag.c:54:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(file_name,".def");
data/evolver-2.70+ds/src/softimag.c:55:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file_name,"w");
data/evolver-2.70+ds/src/sqcurve2.c:528:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"eff_area_sq_mean_curvature and normal_sq_mean_curvature need consistency.\n");
data/evolver-2.70+ds/src/storage.c:117:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy(newptr,oldptr,copysize);
data/evolver-2.70+ds/src/storage.c:674:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: Trying to unfree invalid id %08lX \n",
data/evolver-2.70+ds/src/storage.c:681:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/storage.c:834:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,
data/evolver-2.70+ds/src/storage.c:839:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Element memory: %lu KB, or %lu MB\n",
data/evolver-2.70+ds/src/storage.c:847:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"%10.10s size: %4d bytes; number allocated: %10ld\n",
data/evolver-2.70+ds/src/storage.c:851:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," quantity size: %4u bytes; number allocated: %10d\n",
data/evolver-2.70+ds/src/storage.c:854:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg," instance size: %4d bytes; number allocated: %10d\n",
data/evolver-2.70+ds/src/storage.c:895:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"\n Heapwalk ended unsuccessfully!!\n\n");
data/evolver-2.70+ds/src/storage.c:899:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"blocks in use: %6d memory in use: %Iu KB, or %Iu MB \n",
data/evolver-2.70+ds/src/storage.c:902:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg," blocks free: %6d memory free: %Iu KB, or %Iu MB \n",
data/evolver-2.70+ds/src/storage.c:905:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Heap top: %p\n",heaptop);
data/evolver-2.70+ds/src/storage.c:907:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Heap size: %4.2f MB\n",
data/evolver-2.70+ds/src/storage.c:913:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Physical memory size: %4.2f GB Virtual memory top: %llX\n",
data/evolver-2.70+ds/src/storage.c:922:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"\nTotal data memory arena %Lu\n",
data/evolver-2.70+ds/src/storage.c:938:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Arena %d Ordblocks: %d Orduse: %d Ordfree: %d\n",
data/evolver-2.70+ds/src/storage.c:941:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Small blocks: %d Small use: %d Small free: %d\n",
data/evolver-2.70+ds/src/storage.c:1298:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char * keynames[NUMELEMENTS] = {"vertex_order_key",
data/evolver-2.70+ds/src/storage.c:1327:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spot,(char*)ep,web.sizes[n]);
data/evolver-2.70+ds/src/storage.c:1336:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spot,(char*)ep,web.sizes[n]);
data/evolver-2.70+ds/src/storage.c:1395:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
myfree((char *)blocklist[i][j].blockptr);
data/evolver-2.70+ds/src/storage.c:1585:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[100];
data/evolver-2.70+ds/src/storage.c:1592:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oldbnum = atoi(q->name+5);
data/evolver-2.70+ds/src/storage.c:1603:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oldbnum = atoi(mi->name+5);
data/evolver-2.70+ds/src/storage.h:172:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char elnames[10][30];
data/evolver-2.70+ds/src/storage.h:174:37: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME(id) (valid_id(id) ? (sprintf(elnames[0],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[0]) : "")
data/evolver-2.70+ds/src/storage.h:175:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME1(id) (valid_id(id) ? (sprintf(elnames[1],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[1]) : "")
data/evolver-2.70+ds/src/storage.h:176:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME2(id) (valid_id(id) ? (sprintf(elnames[2],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[2]) : "")
data/evolver-2.70+ds/src/storage.h:177:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME3(id) (valid_id(id) ? (sprintf(elnames[3],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[3]) : "")
data/evolver-2.70+ds/src/storage.h:178:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME4(id) (valid_id(id) ? (sprintf(elnames[4],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[4]) : "")
data/evolver-2.70+ds/src/storage.h:179:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME5(id) (valid_id(id) ? (sprintf(elnames[5],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[5]) : "")
data/evolver-2.70+ds/src/storage.h:180:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME6(id) (valid_id(id) ? (sprintf(elnames[6],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[6]) : "")
data/evolver-2.70+ds/src/storage.h:181:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME7(id) (valid_id(id) ? (sprintf(elnames[7],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[7]) : "")
data/evolver-2.70+ds/src/storage.h:182:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME8(id) (valid_id(id) ? (sprintf(elnames[8],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[8]) : "")
data/evolver-2.70+ds/src/storage.h:183:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME9(id) (valid_id(id) ? (sprintf(elnames[9],"%d@%d",(int)((id)&OFFSETMASK)+1,id_task(id)),elnames[9]) : "")
data/evolver-2.70+ds/src/storage.h:195:37: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME(id) (valid_id(id) ? (sprintf(elnames[0],"%d",(int)((id)&OFFSETMASK)+1),elnames[0]) : "")
data/evolver-2.70+ds/src/storage.h:196:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME1(id) (valid_id(id) ? (sprintf(elnames[1],"%d",(int)((id)&OFFSETMASK)+1),elnames[1]) : "")
data/evolver-2.70+ds/src/storage.h:197:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME2(id) (valid_id(id) ? (sprintf(elnames[2],"%d",(int)((id)&OFFSETMASK)+1),elnames[2]) : "")
data/evolver-2.70+ds/src/storage.h:198:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME3(id) (valid_id(id) ? (sprintf(elnames[3],"%d",(int)((id)&OFFSETMASK)+1),elnames[3]) : "")
data/evolver-2.70+ds/src/storage.h:199:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME4(id) (valid_id(id) ? (sprintf(elnames[4],"%d",(int)((id)&OFFSETMASK)+1),elnames[4]) : "")
data/evolver-2.70+ds/src/storage.h:200:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME5(id) (valid_id(id) ? (sprintf(elnames[5],"%d",(int)((id)&OFFSETMASK)+1),elnames[5]) : "")
data/evolver-2.70+ds/src/storage.h:201:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME6(id) (valid_id(id) ? (sprintf(elnames[6],"%d",(int)((id)&OFFSETMASK)+1),elnames[6]) : "")
data/evolver-2.70+ds/src/storage.h:202:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME7(id) (valid_id(id) ? (sprintf(elnames[7],"%d",(int)((id)&OFFSETMASK)+1),elnames[7]) : "")
data/evolver-2.70+ds/src/storage.h:203:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME8(id) (valid_id(id) ? (sprintf(elnames[8],"%d",(int)((id)&OFFSETMASK)+1),elnames[8]) : "")
data/evolver-2.70+ds/src/storage.h:204:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
#define ELNAME9(id) (valid_id(id) ? (sprintf(elnames[9],"%d",(int)((id)&OFFSETMASK)+1),elnames[9]) : "")
data/evolver-2.70+ds/src/symmetry.c:71:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)y,(char*)x,web.space_dimension*sizeof(REAL));
data/evolver-2.70+ds/src/symtable.c:854:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*dest)->list,src->list,src->count*sizeof(struct localvar_t));
data/evolver-2.70+ds/src/symtable.c:883:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*dest)->list,src->list,src->count*sizeof(struct localvar_t));
data/evolver-2.70+ds/src/tmain.c:71:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdstring[10000]; // for -r option
data/evolver-2.70+ds/src/tmain.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char evolver_invocation_short_name[31]="evolver-SUFFIX-EXTRASUFFIX_EXE";
data/evolver-2.70+ds/src/tmain.c:194:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Compiled with LONG_ID, for extraordinarily large models.\n",
data/evolver-2.70+ds/src/tmain.c:211:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Compiled for float128, %d digits precision.\n",DPREC);
data/evolver-2.70+ds/src/tmain.c:214:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Compiled for %d-byte long double, %d digits precision.\n",(int)sizeof(REAL),DPREC);
data/evolver-2.70+ds/src/tmain.c:218:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Compiled for double, %d digits precision.\n",DPREC);
data/evolver-2.70+ds/src/tmain.c:333:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 's' : default_random_seed = atoi(argv[0]+2);
data/evolver-2.70+ds/src/tmain.c:337:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
procs_requested = atoi(argv[0]+2);
data/evolver-2.70+ds/src/tmain.c:339:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ procs_requested = atoi(argv[1]);
data/evolver-2.70+ds/src/tmain.c:348:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"This Evolver only compiled for a maximum of %d threads.\n",MAXPROCS);
data/evolver-2.70+ds/src/tmain.c:350:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Threads set to %d. Recompile with -DMAXPROCS=%d if you want more.\n",
data/evolver-2.70+ds/src/tmain.c:396:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Using %d processes on %d processors.\n\n",
data/evolver-2.70+ds/src/tmain.c:488:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Set affinity of worker thread %d to cpu %d.\n",i+1,i);
data/evolver-2.70+ds/src/tmain.c:492:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Cannot set affinity of worker thread %d to cpu %d; \n process affinity mask is 0x%X.\n",
data/evolver-2.70+ds/src/tmain.c:499:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Created %d worker threads on %d processor machine.\n",
data/evolver-2.70+ds/src/tmain.c:542:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"Created %d worker threads.\n", procs_requested);
data/evolver-2.70+ds/src/tmain.c:703:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char szProcessName[MAX_PATH];
data/evolver-2.70+ds/src/tmain.c:827:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[200];
data/evolver-2.70+ds/src/tmain.c:953:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[200];
data/evolver-2.70+ds/src/tmain.c:977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[100];
data/evolver-2.70+ds/src/tmain.c:1156:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,"Invalid thread task: %d\n",thread_tasknum);
data/evolver-2.70+ds/src/tmain.c:1682:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error. Function thread_launch called in non-threaded Evolver. Task %d, type %d.\n",task,element_type);
data/evolver-2.70+ds/src/tokname.c:22:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: Token number %d does not have token name in yytname.\n",
data/evolver-2.70+ds/src/tokname.c:38:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"%4d (unnamed)",toknum);
data/evolver-2.70+ds/src/tokname.c:44:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"%4d (unnamed)",toknum);
data/evolver-2.70+ds/src/torus.c:89:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)xform,(char*)yform,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/torus.c:196:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)xform,(char*)yform,SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/trirevis.c:86:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(get_force(v_id)),(char *)get_param(v_id),
data/evolver-2.70+ds/src/trirevis.c:89:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(get_oldcoord(v_id)),(char *)get_coord(v_id),
data/evolver-2.70+ds/src/trirevis.c:862:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%f - %g %6d \n",0.0,
data/evolver-2.70+ds/src/trirevis.c:869:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%g - %g %6d\n",
data/evolver-2.70+ds/src/trirevis.c:1036:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%f - %g %6d \n",0.0,
data/evolver-2.70+ds/src/trirevis.c:1043:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%g - %g %6d\n",
data/evolver-2.70+ds/src/trirevis.c:1135:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%8.6g - %8.6g %6d \n",0.0,
data/evolver-2.70+ds/src/trirevis.c:1143:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%8.6g - %8.6g %6d\n",
data/evolver-2.70+ds/src/trirevis.c:2646:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%f - %f %6d \n",0.0,
data/evolver-2.70+ds/src/trirevis.c:2653:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%f - %f %6d\n",
data/evolver-2.70+ds/src/trirevis.c:2709:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[200];
data/evolver-2.70+ds/src/trirevis.c:2747:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(b_id)+1,map[k]&CONMASK);
data/evolver-2.70+ds/src/trirevis.c:2752:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(name,"body_%d_bdry_%d_meth",ordinal(b_id)+1,get_vertex_boundary_num(v_id));
data/evolver-2.70+ds/src/trirevis.c:2783:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[200];
data/evolver-2.70+ds/src/trirevis.c:2854:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"body_%d_con_%d_meth",ordinal(b_id)+1,map[k]&CONMASK);
data/evolver-2.70+ds/src/trirevis.c:2859:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(name,"body_%d_bdry_%d_meth",ordinal(b_id)+1,get_edge_boundary_num(e_id));
data/evolver-2.70+ds/src/userfunc.c:192:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[200];
data/evolver-2.70+ds/src/userfunc.c:206:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path,"./");
data/evolver-2.70+ds/src/userfunc.c:405:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"incompleteEllipticE: phi %f too large for given m %f.\n",
data/evolver-2.70+ds/src/userfunc.c:422:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"incompleteEllipticE: phi %f too large for given m %f.\n",
data/evolver-2.70+ds/src/userio.c:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pickbuf[500],*ptr;
data/evolver-2.70+ds/src/userio.c:185:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prim = atoi(ptr+1);
data/evolver-2.70+ds/src/userio.c:189:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vnum = atoi(ptr);
data/evolver-2.70+ds/src/userio.c:240:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fnum = atoi(ptr);
data/evolver-2.70+ds/src/userio.c:242:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg,"Picked ");
data/evolver-2.70+ds/src/userio.c:246:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"vertex %d ",pickvnum);
data/evolver-2.70+ds/src/userio.c:248:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(msg,
data/evolver-2.70+ds/src/userio.c:250:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg,
data/evolver-2.70+ds/src/userio.c:255:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg," (probably wrong)");
data/evolver-2.70+ds/src/userio.c:259:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"edge %d ",pickenum);
data/evolver-2.70+ds/src/userio.c:261:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
{ strcat(msg,
data/evolver-2.70+ds/src/userio.c:263:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg,
data/evolver-2.70+ds/src/userio.c:268:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg," (probably wrong)");
data/evolver-2.70+ds/src/userio.c:272:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg+strlen(msg),"facet %d ",pickfnum);
data/evolver-2.70+ds/src/userio.c:698:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(warning_messages,c,warning_messages_max-(c-warning_messages));
data/evolver-2.70+ds/src/userio.c:785:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"\nFATAL ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:795:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"\nERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:819:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:854:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"WARNING %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:872:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"SYNTAX ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:907:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char c[100];
data/evolver-2.70+ds/src/userio.c:934:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:982:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"SYNTAX ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:1006:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fullmsg+strlen(fullmsg),"DATAFILE ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:1138:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfilefd = fopen(name,"a");
data/evolver-2.70+ds/src/userio.c:1179:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
keylogfilefd = fopen(name,"a");
data/evolver-2.70+ds/src/utility.c:158:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Caught SIGTERM. proc %d ",getpid());
data/evolver-2.70+ds/src/utility.c:286:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Session: %7lu blocks, %10lu KB, or %lu MB \n",
data/evolver-2.70+ds/src/utility.c:299:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Permanent: %5lu blocks, %10lu KB, or %lu MB \n",
data/evolver-2.70+ds/src/utility.c:319:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Temporary: %5lu blocks, %10lu KB, or %lu MB\n",
data/evolver-2.70+ds/src/utility.c:327:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Total data memory: %lu blocks, %lu KB, or %lu MB.\n",
data/evolver-2.70+ds/src/utility.c:330:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Total data memory: %lu KB, or %lu MB.\n",
data/evolver-2.70+ds/src/utility.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char procname[100];
data/evolver-2.70+ds/src/utility.c:340:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(procname,"/proc/%d/stat",getpid());
data/evolver-2.70+ds/src/utility.c:341:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(procname,"r");
data/evolver-2.70+ds/src/utility.c:345:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Virtual memory: %d\n",vmem);
data/evolver-2.70+ds/src/utility.c:348:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Resident memory: %d\n",mempages*getpagesize());
data/evolver-2.70+ds/src/utility.c:402:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%5ld. %12.0f bytes at %p\n",
data/evolver-2.70+ds/src/utility.c:410:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%5ld. %12.0f bytes at %p\n",
data/evolver-2.70+ds/src/utility.c:418:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%5ld. %12.0f bytes at %p\n",
data/evolver-2.70+ds/src/utility.c:426:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg,"%5ld. %12.0f bytes at %p\n",
data/evolver-2.70+ds/src/utility.c:475:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: Cannot allocate memory size %lu*%lu = %lu.\n",
data/evolver-2.70+ds/src/utility.c:550:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: Trying to realloc memory block to different list.\n");
data/evolver-2.70+ds/src/utility.c:568:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/utility.c:636:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char memmsg[1000];
data/evolver-2.70+ds/src/utility.c:711:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char memmsg[1000];
data/evolver-2.70+ds/src/utility.c:716:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(memmsg,"Freeing %p, %ld bytes\n",head+1,(long)head->size);
data/evolver-2.70+ds/src/utility.c:761:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"mycalloc %30.30s %5d: %10d ",file,line,num*size);
data/evolver-2.70+ds/src/utility.c:764:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"mycalloc %lu*%lu = %lu bytes ",(unsigned long)num,
data/evolver-2.70+ds/src/utility.c:777:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"at %p\n",ptr); erroutstring(errmsg);
data/evolver-2.70+ds/src/utility.c:811:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"%30.30s %4d: realloc old %p size %d to size %d \n",
data/evolver-2.70+ds/src/utility.c:814:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"realloc old %p size %ld to size %ld \n",ptr,
data/evolver-2.70+ds/src/utility.c:829:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"at %p\n",newptr); erroutstring(errmsg);
data/evolver-2.70+ds/src/utility.c:848:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"free %p ",ptr);
data/evolver-2.70+ds/src/utility.c:891:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"%30.30s %4d: ",file,line);
data/evolver-2.70+ds/src/utility.c:894:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"temp_calloc %9ld bytes ",(long)num*size);
data/evolver-2.70+ds/src/utility.c:907:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"at %p \n",ptr); erroutstring(errmsg);
data/evolver-2.70+ds/src/utility.c:942:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"%30.30s %4d: temp_realloc\n old size %9d at %p to size %9d",
data/evolver-2.70+ds/src/utility.c:945:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"temp_realloc old %p size %9ld to size %9ld",ptr,
data/evolver-2.70+ds/src/utility.c:960:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg," at %p \n",newptr); erroutstring(errmsg);
data/evolver-2.70+ds/src/utility.c:981:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"temp_free %p ",ptr);
data/evolver-2.70+ds/src/utility.c:1078:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/utility.c:1085:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dymem,"DY_MEM"); /* so looks pretty in debugger */
data/evolver-2.70+ds/src/utility.c:1105:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"dy_alloc %d*%d = %d bytes.\n",num,size,asize);
data/evolver-2.70+ds/src/utility.c:1218:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dymem+newspot,dymem+old,ptr->size);
data/evolver-2.70+ds/src/utility.c:1219:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(dymem+newspot,dymem+old,newnum*newsize);
data/evolver-2.70+ds/src/utility.c:1331:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Dymem arena: %d\n",dymemsize);
data/evolver-2.70+ds/src/utility.c:1333:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Dymem free blocks: %d free bytes: %d\n",freeblocks,freebytes);
data/evolver-2.70+ds/src/utility.c:1335:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Dymem used blocks: %d used bytes: %d\n",usedblocks,usedbytes);
data/evolver-2.70+ds/src/utility.c:3190:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATHSIZE];
data/evolver-2.70+ds/src/utility.c:3197:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char taskpath[PATHSIZE];
data/evolver-2.70+ds/src/utility.c:3226:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(path,"r");
data/evolver-2.70+ds/src/utility.c:3246:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,".fe");
data/evolver-2.70+ds/src/utility.c:3263:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(path,"r");
data/evolver-2.70+ds/src/utility.c:3277:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,".fe");
data/evolver-2.70+ds/src/utility.c:3297:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(path,"r");
data/evolver-2.70+ds/src/utility.c:3317:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,".fe");
data/evolver-2.70+ds/src/utility.c:3326:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(path,"r");
data/evolver-2.70+ds/src/utility.c:3340:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,".fe");
data/evolver-2.70+ds/src/utility.c:3348:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ( (fd = fopen(path,"r")) == NULL)
data/evolver-2.70+ds/src/utility.c:3365:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,".fe");
data/evolver-2.70+ds/src/utility.c:3366:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ( (fd = fopen(path,"r")) == NULL)
data/evolver-2.70+ds/src/utility.c:3374:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path,".fe");
data/evolver-2.70+ds/src/variable.c:21:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char needed_version[30];
data/evolver-2.70+ds/src/variable.c:50:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *typenames[NUMELEMENTS] = {"vertex","edge","facet","body","facetedge"};
data/evolver-2.70+ds/src/variable.c:87:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kb_upper_array[256];
data/evolver-2.70+ds/src/variable.c:88:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kb_lower_array[256];
data/evolver-2.70+ds/src/variable.c:95:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loadfilename[PATHSIZE]; /* for LOAD command */
data/evolver-2.70+ds/src/variable.c:187:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logfilename[PATHSIZE];
data/evolver-2.70+ds/src/variable.c:190:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keylogfilename[PATHSIZE];
data/evolver-2.70+ds/src/variable.c:300:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char length_method_name[100]; /* for replacing default */
data/evolver-2.70+ds/src/variable.c:302:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char area_method_name[100]; /* for replacing default */
data/evolver-2.70+ds/src/variable.c:303:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_method_name[100]; /* for replacing default */
data/evolver-2.70+ds/src/variable.c:319:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fulltext[MAXCMDSIZE+5]; /* for full text of commands */
data/evolver-2.70+ds/src/variable.c:321:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datafilename[PATHSIZE]; /* current datafile name */
data/evolver-2.70+ds/src/variable.c:322:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATHSIZE]; /* file name in command */
data/evolver-2.70+ds/src/variable.c:499:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_name[50]; /* name of last element generator */
data/evolver-2.70+ds/src/variable.c:500:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idname[35]; /* for saving yytext */
data/evolver-2.70+ds/src/variable.c:501:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char set_extra_name[100]; /* for saving name */
data/evolver-2.70+ds/src/variable.c:558:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char console_title[1000]; /* for command window title */
data/evolver-2.70+ds/src/variable.c:560:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char graphics_title[1000]; /* for graphics window title */
data/evolver-2.70+ds/src/variable.c:561:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char graphics_title2[1000]; /* for graphics window title */
data/evolver-2.70+ds/src/variable.c:562:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char graphics_title3[1000]; /* for graphics window title */
data/evolver-2.70+ds/src/variable.c:568:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[ERRMSGSIZE]; /* for kb_error() routine */
data/evolver-2.70+ds/src/variable.c:665:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmapname[100]; /* colormap file name */
data/evolver-2.70+ds/src/variable.c:752:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phase_file_name[PATHSIZE]; /* for dump */
data/evolver-2.70+ds/src/variable.c:765:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transform_expr[100]; /* save it */
data/evolver-2.70+ds/src/variable.c:1589:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char elnames[10][30];
data/evolver-2.70+ds/src/verpopst.c:336:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/verpopst.c:1146:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Autopopped %d edges, %d vertices.\n",autopop_count,popped);
data/evolver-2.70+ds/src/verpopst.c:1194:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Autochopped %d edges.\n",autochop_count);
data/evolver-2.70+ds/src/web.h:73:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wulff_name[60]; /* Wulff file or keyword */
data/evolver-2.70+ds/src/wulff.c:135:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)wulff,(char *)wulff_vector[best],SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/wulff.c:135:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
memcpy((char *)wulff,(char *)wulff_vector[best],SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/wulff.c:135:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
memcpy((char *)wulff,(char *)wulff_vector[best],SDIM*sizeof(REAL));
data/evolver-2.70+ds/src/wulff.c:212:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char response[200];
data/evolver-2.70+ds/src/yexparse.c:394:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Index %d must be positive.\n",
data/evolver-2.70+ds/src/yexparse.c:416:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Index %d must be nonnegative.\n",
data/evolver-2.70+ds/src/yexparse.c:734:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,
data/evolver-2.70+ds/src/yexparse.c:766:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(msg,"Need exactly %d vertices in NEW_FACET (...).\n",
data/evolver-2.70+ds/src/yexparse.c:1388:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: Bad NEXT_ELEMENT_NODE type %d.\n",list[left].type);
data/evolver-2.70+ds/src/yexparse.c:2209:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[100];
data/evolver-2.70+ds/src/yexparse.c:2216:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempname,"temp_array_%d",temp_array_number++);
data/evolver-2.70+ds/src/yexparse.c:2271:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[100];
data/evolver-2.70+ds/src/yexparse.c:2277:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempname,"temp_array_%d",temp_array_number++);
data/evolver-2.70+ds/src/yexparse.c:2321:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[100];
data/evolver-2.70+ds/src/yexparse.c:2337:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempname,"temp_array_%d",temp_array_number++);
data/evolver-2.70+ds/src/yexparse.c:3010:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/yexparse.c:3020:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(temp),(char*)(list+leftstart),
data/evolver-2.70+ds/src/yexparse.c:3024:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(list+leftstart+rightsize),(char*)(temp),
data/evolver-2.70+ds/src/yexparse.c:4034:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Coordinate number too high: %d\n",n+1);
data/evolver-2.70+ds/src/yexparse.c:4045:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Invalid user function number: %d\n",int_val);
data/evolver-2.70+ds/src/yexparse.c:5047:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: lvalue type %d\n",list->type);
data/evolver-2.70+ds/src/ytab.c:13278:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
{ strcpy(errmsg,"Syntax:\n"); /* qakv */
data/evolver-2.70+ds/src/ytab.c:13279:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname TARGET expr\n");
data/evolver-2.70+ds/src/ytab.c:13280:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname MODULUS expr\n");
data/evolver-2.70+ds/src/ytab.c:13281:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname TOLERANCE expr\n");
data/evolver-2.70+ds/src/ytab.c:13282:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname VOLCONST expr\n");
data/evolver-2.70+ds/src/ytab.c:13283:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname FIXED\n");
data/evolver-2.70+ds/src/ytab.c:13284:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname INFO_ONLY\n");
data/evolver-2.70+ds/src/ytab.c:13285:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname ENERGY\n");
data/evolver-2.70+ds/src/ytab.c:13286:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SET quantityname CONSERVED\n");
data/evolver-2.70+ds/src/ytab.c:13556:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errmsg,"Internal error: lvalue type %d\n",
data/evolver-2.70+ds/src/ytab.c:13615:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(errmsg,"Internal error: bad ASSIGNOP %d\n",(yyvsp[-1]).i);
data/evolver-2.70+ds/src/ytab.c:14164:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Syntax error. Syntax: constraint[expr].normal \n"); /* qaoj */
data/evolver-2.70+ds/src/ytab.c:14171:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Missing attribute.\n"); /* qaoj */
data/evolver-2.70+ds/src/ytab.c:14428:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14444:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,
data/evolver-2.70+ds/src/ytab.c:14654:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Illegal right side of assignment.\n"); /* qaps */
data/evolver-2.70+ds/src/ytab.c:15073:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"printf has %d formats, but there are %d arguments.\n",
data/evolver-2.70+ds/src/ytab.c:15100:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"binary_printf has %d formats, but there are %d arguments.\n",
data/evolver-2.70+ds/src/ytab.c:15126:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"errprintf has %d formats, but there are %d arguments.\n",
data/evolver-2.70+ds/src/ytab.c:16163:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"sprintf has %d formats, but there are %d arguments.\n",
data/evolver-2.70+ds/src/ytab.c:16640:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
{ strcpy(errmsg,"Syntax: SIZEOF ( extra_attribute )\n"); /* qazf */
data/evolver-2.70+ds/src/ytab.c:16641:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SIZEOF ( array_name ) \n");
data/evolver-2.70+ds/src/ytab.c:16642:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," SIZEOF ( string_expr ) \n");
data/evolver-2.70+ds/src/ytab.c:16788:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Possible quantity attributes: \n");
data/evolver-2.70+ds/src/ytab.c:16789:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," value, modulus, pressure, target, tolerance, volconst,\n");
data/evolver-2.70+ds/src/ytab.c:16790:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," fixed, energy, info_only, conserved\n");
data/evolver-2.70+ds/src/ytab.c:16797:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
{ strcpy(errmsg,"Possible quantity attributes: \n"); /* qazv */
data/evolver-2.70+ds/src/ytab.c:16798:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," value, modulus, pressure, target, tolerance, volconst,\n");
data/evolver-2.70+ds/src/ytab.c:16799:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg," fixed, energy, info_only, conserved\n");
data/evolver-2.70+ds/src/ytab.c:16815:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errmsg,"Possible method instance attributes: value, modulus \n");
data/evolver-2.70+ds/src/ytab.c:18561:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/evolver-2.70+ds/src/ytab.c:18578:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yyformat[sizeof yyunexpected
data/evolver-2.70+ds/src/ytab.c:18813:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char modmsg[1000];
data/evolver-2.70+ds/src/ytab.c:18854:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
{ sprintf(errmsg,"Internal error: Token number %d does not have token name in yytname.\n",
data/evolver-2.70+ds/src/ytab.c:18870:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"%4d (unnamed)",toknum);
data/evolver-2.70+ds/src/ytab.c:18876:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"%4d (unnamed)",toknum);
data/evolver-2.70+ds/src/bk.c:1420:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg)," %*.*Qg",DWIDTH,DPREC,evalues[2*n-1-j]);
data/evolver-2.70+ds/src/bk.c:1422:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg)," %*.*Lg",DWIDTH,DPREC,evalues[2*n-1-j]);
data/evolver-2.70+ds/src/bk.c:1424:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg)," %18.15g",evalues[2*n-1-j]);
data/evolver-2.70+ds/src/bk.c:1426:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/cnstrnt.c:102:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ sprintf(errmsg+strlen(errmsg)," Projecting on constraints ");
data/evolver-2.70+ds/src/cnstrnt.c:104:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg)," %s",get_constraint(conlist[i])->name);
data/evolver-2.70+ds/src/cnstrnt.c:107:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(errmsg,"\n");
data/evolver-2.70+ds/src/cnstrnt.c:195:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg)," Projecting on constraints ");
data/evolver-2.70+ds/src/cnstrnt.c:198:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg)," %s",constr[i]->name);
data/evolver-2.70+ds/src/cnstrnt.c:201:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(errmsg,"\n");
data/evolver-2.70+ds/src/cnstrnt.c:275:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg)," Projecting on constraints ");
data/evolver-2.70+ds/src/cnstrnt.c:277:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg)," %s",constr[i]->name);
data/evolver-2.70+ds/src/cnstrnt.c:280:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(errmsg,"\n");
data/evolver-2.70+ds/src/command.c:195:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",EXTRAS(i)[k].array_spec.sizes[j]);
data/evolver-2.70+ds/src/command.c:1153:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(quan->name) > max_name )
data/evolver-2.70+ds/src/command.c:1154:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_name = strlen(quan->name);
data/evolver-2.70+ds/src/command.c:1300:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(msg+strlen(msg)-1," optimizing_parameter\n");
data/evolver-2.70+ds/src/command.c:1306:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",g->attr.arrayptr->sizes[k]);
data/evolver-2.70+ds/src/command.c:1307:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/command.c:1333:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(msg+strlen(msg)-1," optimizing_parameter\n");
data/evolver-2.70+ds/src/display.c:726:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(transform_expr,expr,sizeof(transform_expr));
data/evolver-2.70+ds/src/dump.c:57:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(defaultname,datafilename,sizeof(defaultname)-5);
data/evolver-2.70+ds/src/dump.c:124:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ if ( strlen(*(char**)src) > maxspace-5 )
data/evolver-2.70+ds/src/dump.c:207:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
print_data_value(msg+strlen(msg),a->datatype,spot,msgmax-100,mode);
data/evolver-2.70+ds/src/dump.c:208:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/dump.c:223:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
print_data_value(msg+strlen(msg),a->datatype,spot,msgmax-100,mode);
data/evolver-2.70+ds/src/dump.c:225:42: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ( k < a->sizes[depth-1] - 1 ) strcat(msg,",");
data/evolver-2.70+ds/src/dump.c:226:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (strlen(msg) > 60) && (k < a->sizes[depth-1] - 1) )
data/evolver-2.70+ds/src/dump.c:281:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ print_data_value(msg+strlen(msg),ex->type,spot,msgmax-100,PRINT_PLAIN);
data/evolver-2.70+ds/src/dump.c:284:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(msg,",");
data/evolver-2.70+ds/src/dump.c:285:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( linelength+strlen(msg) > 70 )
data/evolver-2.70+ds/src/dump.c:294:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelength += strlen(msg);
data/evolver-2.70+ds/src/dump.c:511:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg," ");
data/evolver-2.70+ds/src/dump.c:514:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",a->sizes[j]);
data/evolver-2.70+ds/src/dump.c:752:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[j]);
data/evolver-2.70+ds/src/dump.c:754:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),
data/evolver-2.70+ds/src/dump.c:756:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/dump.c:1108:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(msg,"\n"); outstring(msg);
data/evolver-2.70+ds/src/dump.c:1610:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(defaultname,datafilename,sizeof(defaultname)-5);
data/evolver-2.70+ds/src/dump.c:1612:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(defaultname+strlen(defaultname),".task%d",this_task);
data/evolver-2.70+ds/src/dump.c:2021:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
convert_string(g->value.string,msg+strlen(msg),msgmax-100);
data/evolver-2.70+ds/src/dump.c:2022:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/dump.c:2075:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg," ");
data/evolver-2.70+ds/src/dump.c:2078:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",a->sizes[j]);
data/evolver-2.70+ds/src/dump.c:2099:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[k]);
data/evolver-2.70+ds/src/dump.c:2388:5: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(msg,"\n"); outstring(msg);
data/evolver-2.70+ds/src/dump.c:2447:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[j]);
data/evolver-2.70+ds/src/dump.c:2448:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/eval_all.c:106:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:113:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:377:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:415:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:437:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:552:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:568:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:722:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:835:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:848:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:862:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1310:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1466:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1473:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_all.c:1533:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:129:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:136:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:427:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:468:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:490:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:604:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:628:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:643:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:657:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:684:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:711:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:718:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:769:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:853:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:869:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:886:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:961:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:979:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1005:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1180:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1215:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1233:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1410:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1436:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1510:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1533:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1550:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1575:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1689:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1696:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1758:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/eval_sec.c:1773:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:119:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:187:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:193:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:218:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:233:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:248:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:304:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:338:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:344:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:364:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:370:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:390:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:396:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:411:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:418:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:431:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:438:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:515:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:527:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:568:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:584:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:658:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:699:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:717:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*stacktop = s ? (REAL)strlen(s) : 0;
data/evolver-2.70+ds/src/evalmore.c:828:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:842:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:863:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:886:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:930:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:938:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1049:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1099:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1107:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1138:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1154:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1182:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1209:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1264:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1296:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1311:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1325:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1335:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1380:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1387:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1481:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1494:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1510:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1592:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1613:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1649:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1657:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1725:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1773:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1816:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1826:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1884:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:1939:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2020:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2046:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2053:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2131:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2169:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2205:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2373:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2580:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2586:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2596:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2617:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2626:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2644:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2676:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2683:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2690:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2699:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2706:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:2713:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3091:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pix_file_name,*(char**)(stacktop--),sizeof(pix_file_name));
data/evolver-2.70+ds/src/evalmore.c:3096:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pix_file_name,*(char**)(stacktop--),sizeof(pix_file_name));
data/evolver-2.70+ds/src/evalmore.c:3110:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ps_file_name,*(char**)(stacktop--),sizeof(ps_file_name));
data/evolver-2.70+ds/src/evalmore.c:3240:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3304:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3463:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3614:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3646:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3670:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3900:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d; nnode->type %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3906:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ( (int)(msgspot-newmsg+strlen(ss))
data/evolver-2.70+ds/src/evalmore.c:3941:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgspot += strlen(msgspot);
data/evolver-2.70+ds/src/evalmore.c:3947:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:3965:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *str = mycalloc(strlen(newmsg)+2,1);
data/evolver-2.70+ds/src/evalmore.c:3982:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4038:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d; nnode->type %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4043:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(msgspot,1,strlen(msgspot),outfd);
data/evolver-2.70+ds/src/evalmore.c:4112:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4221:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4228:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4414:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4440:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*ss = temp_realloc(*ss,(s?strlen(s):0)+1);
data/evolver-2.70+ds/src/evalmore.c:4444:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*ss = kb_realloc(*ss,(s?strlen(s):0)+1);
data/evolver-2.70+ds/src/evalmore.c:4460:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g->value.string = calloc(strlen(s)+1,sizeof(char));
data/evolver-2.70+ds/src/evalmore.c:4550:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4637:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4644:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4664:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4677:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4698:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4720:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4734:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4747:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4768:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4790:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4824:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4907:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4923:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4938:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:4976:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = (int)strlen(text);
data/evolver-2.70+ds/src/evalmore.c:4989:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5009:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5076:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmapname,*(char**)(stacktop--),sizeof(cmapname));
data/evolver-2.70+ds/src/evalmore.c:5088:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5101:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5192:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5203:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evalmore.c:5206:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(appears to be corrupt node)\n");
data/evolver-2.70+ds/src/evalmore.c:5704:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *s = mycalloc(strlen(enode->op1.string)+1,sizeof(char));
data/evolver-2.70+ds/src/evalmore.c:5709:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *s = mycalloc(strlen(enode->op5.string)+1,sizeof(char));
data/evolver-2.70+ds/src/evalmore.c:5770:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *s = calloc(strlen(enode->op1.string)+1,sizeof(char));
data/evolver-2.70+ds/src/evaltree.c:145:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:378:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:469:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:511:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:517:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(loadfilename,*(char**)(stacktop--),sizeof(loadfilename));
data/evolver-2.70+ds/src/evaltree.c:534:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:573:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:628:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:642:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:657:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(loadfilename,*(char**)(stacktop--),sizeof(loadfilename));
data/evolver-2.70+ds/src/evaltree.c:671:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:698:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:952:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1107:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1150:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1184:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1414:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1452:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1549:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1584:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1670:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1684:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1699:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1715:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1736:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1754:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1805:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1864:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1880:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1894:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1945:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:1978:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2000:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2021:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(msg,"{");
data/evolver-2.70+ds/src/evaltree.c:2023:27: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ if ( i > 0 ) strcat(msg,",");
data/evolver-2.70+ds/src/evaltree.c:2025:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"%#*.*Qf",DWIDTH,DPREC,normal[0][i]/mag);
data/evolver-2.70+ds/src/evaltree.c:2027:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"%#*.*Lf",DWIDTH,DPREC,normal[0][i]/mag);
data/evolver-2.70+ds/src/evaltree.c:2029:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"%17.15g",normal[0][i]/mag);
data/evolver-2.70+ds/src/evaltree.c:2047:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2197:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2212:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2227:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2244:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2261:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2408:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2562:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2595:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2619:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2698:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2714:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2737:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2764:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2818:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2855:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:2995:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3840:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3852:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3942:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3955:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3962:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:3977:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4008:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4054:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4096:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4172:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4187:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4218:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4226:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4337:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4365:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4454:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4461:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4501:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4551:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4559:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4713:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4720:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:4971:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),
data/evolver-2.70+ds/src/evaltree.c:5009:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5050:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(char**)pp = temp_realloc(*(char**)pp,(s?strlen(s):0)+1);
data/evolver-2.70+ds/src/evaltree.c:5052:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(char**)pp = kb_realloc(*(char**)pp,(s?strlen(s):0)+1);
data/evolver-2.70+ds/src/evaltree.c:5133:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),
data/evolver-2.70+ds/src/evaltree.c:5177:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5199:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = kb_realloc(*pp,strlen(*cspot)+2);
data/evolver-2.70+ds/src/evaltree.c:5555:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5737:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:5912:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6082:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6089:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"Index %d of left side is %d, index %d of first factor is %d\n",
data/evolver-2.70+ds/src/evaltree.c:6091:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6099:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"Index %d of left side is %d, index %d of second factor is %d\n",
data/evolver-2.70+ds/src/evaltree.c:6101:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6210:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6232:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6260:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6338:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6346:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6353:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6369:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6410:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6587:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6601:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6610:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6623:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6633:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6653:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6673:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6683:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6696:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6706:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6725:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6737:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6759:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6784:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6798:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6818:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6834:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6842:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/evaltree.c:6866:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/exprint.c:206:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = cc + 3 + INDENT*bd + extra_indent + strlen(c);
data/evolver-2.70+ds/src/exprint.c:207:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
kb_memmove(cc+3+INDENT*bd+extra_indent,c,strlen(c));
data/evolver-2.70+ds/src/exprint.c:267:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ check_room_left(strlen(c)+30);
data/evolver-2.70+ds/src/exprint.c:269:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:337:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:344:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:349:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:354:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"suppress_warning "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:359:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"unsuppress_warning "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:364:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"keylogfile "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:369:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"logfile "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:402:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"display_text("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:410:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"delete_text("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:416:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"is_constraint["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:418:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"].fixed "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:422:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"is_constraint["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:424:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"].nonnegative "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:428:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"is_constraint["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:430:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"].nonpositive "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:446:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos," function {"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:448:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos," } "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:456:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"wrap_vertex("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:458:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:460:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:464:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"new_vertex("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:466:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:470:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"facet_crosscut("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:472:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:476:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"new_edge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:478:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:480:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:484:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"new_facet("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:486:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:490:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"new_body"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:504:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:509:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:516:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:518:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos+=1;
data/evolver-2.70+ds/src/exprint.c:523:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:525:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos+=1;
data/evolver-2.70+ds/src/exprint.c:531:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:538:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:544:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:548:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"vertex_merge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:550:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:552:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:556:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"edge_merge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:558:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:560:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:564:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"facet_merge("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:566:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:568:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:576:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,"}"); pos++;
data/evolver-2.70+ds/src/exprint.c:581:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:593:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:601:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:610:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:624:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:638:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:646:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:648:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos," function "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:663:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:674:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:677:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:692:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:701:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:707:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:731:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:752:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:757:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos++,"("); // kludge for "-" after []
data/evolver-2.70+ds/src/exprint.c:759:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos++,")");
data/evolver-2.70+ds/src/exprint.c:777:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:792:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:798:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:808:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:813:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:819:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:826:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"set constraint "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:828:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos," global "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:832:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"unset constraint "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:834:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos," global "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:840:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:846:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:850:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"reset_counts"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:854:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"flush_counts"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:858:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"print profiling"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:862:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"reset_profiling"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:866:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"pause"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:870:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"return "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:876:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"evolver_version"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:880:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"date_and_time"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:887:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:894:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:898:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"history "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:902:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"transform_expr "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:906:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"warning_messages "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:910:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"datafilename "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:935:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:943:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:950:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:957:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:967:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,",");
data/evolver-2.70+ds/src/exprint.c:974:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"print "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:980:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:986:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:991:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:997:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1000:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1005:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1008:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1015:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1020:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1028:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"else "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1043:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"if ( "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1045:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," ) then "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1052:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," do "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1058:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos," ;"); pos += strlen(pos); }
data/evolver-2.70+ds/src/exprint.c:1063:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"while ("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1065:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,") "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1073:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"do "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1079:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," while ("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1081:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,") "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1085:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"for ( "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1087:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," ) "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1092:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else { strcat(pos," ;") ; pos += strlen(pos); } /* empty command3 */
data/evolver-2.70+ds/src/exprint.c:1099:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," ; "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1105:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," ; "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1115:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos," >> "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1119:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," >> \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1124:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos," >>> "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1128:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," >>> \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1133:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos," >>2 "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1137:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," >>2 \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1142:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos," >>>2 "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1146:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," >>>2 \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1152:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos," | "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1156:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," | \"%s\" ",node->op1.string); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1167:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1174:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1217:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1222:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node->op1.toggle_state==ON_?"ON":"OFF"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1227:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node->op1.toggle_state==ON_?"ON":"OFF"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1232:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node->op1.toggle_state==ON_?"ON":"OFF"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1237:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node->op1.toggle_state==ON_?"ON":"OFF"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1242:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node->op1.toggle_state==ON_?"ON":"OFF"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1247:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node->op1.toggle_state==ON_?"ON":"OFF"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1251:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"geompipe "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1256:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"postscript "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1261:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"binary_off_file "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1266:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"ooglfile "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1272:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1277:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1282:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1287:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1292:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1297:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1302:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1307:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1312:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1317:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1322:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1327:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1333:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1338:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"view_matrix["); pos += strlen("view_matrix[");
data/evolver-2.70+ds/src/exprint.c:1342:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,"]"); pos += 1;
data/evolver-2.70+ds/src/exprint.c:1352:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"m "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1357:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"optimize "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1362:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"gap_constant := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1367:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"K "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1372:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"y "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1377:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"M "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1382:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"P "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1394:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1399:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"diffusion := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1404:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"thicken := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1409:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"autochop := "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1414:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"p "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1419:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"zoom "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1428:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1434:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1440:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1446:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1452:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1458:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1464:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1470:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1476:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1482:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1488:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1494:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1501:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"view_transform_parity["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1503:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,"]"); pos++;
data/evolver-2.70+ds/src/exprint.c:1507:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"view_transform_swap_colors["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1509:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,"]"); pos++;
data/evolver-2.70+ds/src/exprint.c:1513:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"view_transforms["); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1528:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1535:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1542:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1546:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case SHOW_VOL_NODE: sprintf(pos,"show_vol "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1547:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case CHECK_NODE:sprintf(pos,"check "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1548:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case LONG_JIGGLE_NODE: sprintf(pos,"long_jiggle "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1549:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case RAW_VERAVG_NODE:sprintf(pos,"rawv "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1550:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case STABILITY_TEST_NODE:sprintf(pos,"stability_test "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1551:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case UTEST_NODE: sprintf(pos,"utest "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1552:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case GO_NODE: sprintf(pos,"g "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1553:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case SHELL_NODE: sprintf(pos,"shell "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1554:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case ALICE_NODE: sprintf(pos,"alice "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1555:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case RECALC_NODE: sprintf(pos,"recalc "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1556:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case COUNTS_NODE: sprintf(pos,"counts "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1557:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case RAWEST_VERAVG_NODE:sprintf(pos,"rawestv "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1558:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case EXTRAPOLATE_NODE:sprintf(pos,"extrapolate "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1559:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case LINEAR_NODE: sprintf(pos,"linear "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1560:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case QUADRATIC_NODE:sprintf(pos,"quadratic "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1561:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case REBODY_NODE:sprintf(pos,"rebody "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1562:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case HESSIAN_NODE: sprintf(pos,"hessian "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1563:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case SHOWQ_NODE: sprintf(pos,"simplex_to_fe"); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1564:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case CLOSE_SHOW_NODE: sprintf(pos,"showq "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1565:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case HESSIAN_MENU_NODE:sprintf(pos,"hessian_menu "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1566:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case DIRICHLET_NODE: sprintf(pos,"dirichlet "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1567:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case SOBOLEV_NODE: sprintf(pos,"sobolev "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1568:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case REORDER_STORAGE_NODE:sprintf(pos,"reorder_storage "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1569:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case DIRICHLET_SEEK_NODE: sprintf(pos,"dirichlet_seek "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1570:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case SOBOLEV_SEEK_NODE: sprintf(pos,"sobolev_seek "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1571:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case CONVERT_TO_QUANTS_NODE:sprintf(pos,"convert_to_quantities "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1572:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case RENUMBER_ALL_NODE: sprintf(pos,"renumber_all "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1573:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case DUMP_MEMLIST_NODE: sprintf(pos,"dump_memlist "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1574:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case FREE_DISCARDS_NODE:sprintf(pos,"free_discards "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1575:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case REPARTITION_NODE: sprintf(pos,"repartition "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1576:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case SUBCOMMAND_NODE: sprintf(pos,"subcommand "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1577:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case ABORT_NODE: sprintf(pos,"abort "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1578:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case DETORUS_NODE:sprintf(pos,"detorus "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1579:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case MAKE_THREAD_LISTS_NODE:sprintf(pos,"make_thread_lists "); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1580:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case SIMPLEX_TO_FE_NODE: sprintf(pos,"simplex_to_fe"); pos+=strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:1584:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1591:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1600:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1607:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1609:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(pos,"{"); pos++; }
data/evolver-2.70+ds/src/exprint.c:1614:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(pos,"}"); pos++; }
data/evolver-2.70+ds/src/exprint.c:1619:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1621:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(pos,"{"); pos++; }
data/evolver-2.70+ds/src/exprint.c:1624:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(pos,"}"); pos++; }
data/evolver-2.70+ds/src/exprint.c:1633:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:1636:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1643:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1646:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:1667:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1671:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos,")\n"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1674:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else { strcat(pos,");\n"); pos += strlen(pos); }
data/evolver-2.70+ds/src/exprint.c:1680:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1683:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:1701:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1705:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ strcat(pos,")\n"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1708:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else { strcat(pos,");\n"); pos += strlen(pos); }
data/evolver-2.70+ds/src/exprint.c:1716:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1721:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1729:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1735:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1743:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1751:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1760:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1766:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1775:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1780:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1786:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1792:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1798:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1805:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1811:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1818:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1823:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1828:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1830:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,")");
data/evolver-2.70+ds/src/exprint.c:1835:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"lagrange "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1840:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"lanczos "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1842:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(pos,"("); pos++;
data/evolver-2.70+ds/src/exprint.c:1844:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:1846:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:1852:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"eigenprobe "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1854:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(pos,"("); pos++;
data/evolver-2.70+ds/src/exprint.c:1856:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:1858:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:1864:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"ritz("); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1866:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:1868:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:1872:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"torus_periods"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1873:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"[");
data/evolver-2.70+ds/src/exprint.c:1877:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"]");
data/evolver-2.70+ds/src/exprint.c:1881:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"inverse_periods"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1882:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"[");
data/evolver-2.70+ds/src/exprint.c:1886:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"]");
data/evolver-2.70+ds/src/exprint.c:1890:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"saddle "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1896:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"hessian_seek "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1902:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"move "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1907:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"areaweed "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1912:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"edgeweed "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1917:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"metis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1922:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"metis_readjust "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1927:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"kmetis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1932:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"body-metis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1937:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"notch "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1942:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"edge_divide "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1947:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"ometis "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1963:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"list procedures "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1967:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"list attributes "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1972:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1978:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1986:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:1990:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2001:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2005:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2012:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"list topinfo "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2016:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"list bottominfo "); pos+=strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2025:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2031:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2037:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2043:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2049:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2055:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2061:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2067:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2073:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2079:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2085:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2091:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2097:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2103:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2109:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2115:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2121:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2127:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2140:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2145:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"vertexnormal"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2151:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,"x"); pos += 1;
data/evolver-2.70+ds/src/exprint.c:2163:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2165:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"]");
data/evolver-2.70+ds/src/exprint.c:2171:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2173:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,"]");
data/evolver-2.70+ds/src/exprint.c:2174:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2186:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:2239:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos); break;
data/evolver-2.70+ds/src/exprint.c:2261:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2272:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2295:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2303:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," where "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2311:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2314:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2323:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2325:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:2327:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:2332:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2334:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:2336:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:2341:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2343:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:2345:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:2350:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2352:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:2354:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:2359:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2361:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:2363:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:2368:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2370:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:2372:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:2377:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2379:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,","); pos++;
data/evolver-2.70+ds/src/exprint.c:2381:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")"); pos++;
data/evolver-2.70+ds/src/exprint.c:2386:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," where "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2401:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2406:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"facetedges "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2410:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"vertices "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2416:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2420:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"edges "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2426:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2430:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"facets "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2436:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2440:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"bodies "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2446:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2451:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2456:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2467:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2472:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2476:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,"e");
data/evolver-2.70+ds/src/exprint.c:2477:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2481:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,"G");
data/evolver-2.70+ds/src/exprint.c:2482:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2488:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,"."); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2488:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos,"."); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2513:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2520:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2527:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2534:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2541:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2547:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2552:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2557:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2562:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2567:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2572:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2577:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2582:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2587:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2592:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2597:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2602:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2607:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2612:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2617:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2622:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2628:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2634:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2643:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2649:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2654:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2659:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2677:11: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
{ sprintf(pos,"(");
data/evolver-2.70+ds/src/exprint.c:2678:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2681:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,"/");
data/evolver-2.70+ds/src/exprint.c:2682:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2685:11: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
{ sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2686:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2724:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:2728:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"(");
data/evolver-2.70+ds/src/exprint.c:2739:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2745:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2754:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2756:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,",");
data/evolver-2.70+ds/src/exprint.c:2758:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:2763:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2765:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,",");
data/evolver-2.70+ds/src/exprint.c:2767:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:2772:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2774:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,",");
data/evolver-2.70+ds/src/exprint.c:2776:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:2781:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2783:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,",");
data/evolver-2.70+ds/src/exprint.c:2785:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:2790:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2792:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,",");
data/evolver-2.70+ds/src/exprint.c:2794:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:2799:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2801:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,",");
data/evolver-2.70+ds/src/exprint.c:2803:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:2808:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2810:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2811:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2815:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,"(");
data/evolver-2.70+ds/src/exprint.c:2816:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2819:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2824:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2826:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2827:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2832:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2834:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2835:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2840:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2842:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2843:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2848:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2850:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2851:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2856:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2858:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2859:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2864:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2866:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2867:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2872:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2874:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2875:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2880:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2882:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2883:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2888:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2890:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2891:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2896:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2898:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2899:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2904:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2906:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2907:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2912:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2914:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2915:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2920:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2922:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2923:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2928:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2930:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2931:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2936:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2938:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2939:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2944:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2946:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2947:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2952:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2954:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2955:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2960:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2962:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2963:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2968:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2970:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2971:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2976:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2978:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:2979:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2984:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2990:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:2996:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3000:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"]");
data/evolver-2.70+ds/src/exprint.c:3013:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3019:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3030:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3041:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3053:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3065:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3070:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,"."); pos++;
data/evolver-2.70+ds/src/exprint.c:3247:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"[");
data/evolver-2.70+ds/src/exprint.c:3249:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"]");
data/evolver-2.70+ds/src/exprint.c:3252:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"[");
data/evolver-2.70+ds/src/exprint.c:3254:12: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,"]");
data/evolver-2.70+ds/src/exprint.c:3271:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ( pos[-1] != '.' ) strcat(pos++," "); /* just to be sure */
data/evolver-2.70+ds/src/exprint.c:3303:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3307:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3318:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3322:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3356:16: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos,"]"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3356:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(pos,"]"); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3381:14: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:3387:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pos++,")");
data/evolver-2.70+ds/src/exprint.c:3427:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3454:6: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
{ sprintf(pos,"(");
data/evolver-2.70+ds/src/exprint.c:3455:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3459:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3462:7: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
{ sprintf(pos,")");
data/evolver-2.70+ds/src/exprint.c:3463:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3483:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3488:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3492:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(pos," where "); pos += strlen(pos);
data/evolver-2.70+ds/src/exprint.c:3511:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos); return;
data/evolver-2.70+ds/src/exprint.c:3526:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos); return;
data/evolver-2.70+ds/src/geomgraph.c:127:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(gv_pipe[0],gv_version,sizeof(gv_version));
data/evolver-2.70+ds/src/geomgraph.c:471:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(geom_name,base_name,sizeof(geom_name));
data/evolver-2.70+ds/src/glutgraph.c:216:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(gthread_data[which].wintitle,title,WINTITLESIZE);
data/evolver-2.70+ds/src/glutgraph.c:793:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t titlespot = ((int)strlen(datafilename) > 60) ? (strlen(datafilename)-60):0;
data/evolver-2.70+ds/src/glutgraph.c:793:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t titlespot = ((int)strlen(datafilename) > 60) ? (strlen(datafilename)-60):0;
data/evolver-2.70+ds/src/glutgraph.c:2145:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const GLubyte *end = s + strlen((char*)s);
data/evolver-2.70+ds/src/glutgraph.c:2146:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nvlen = strlen("GL_NVX_gpu_memory_info");
data/evolver-2.70+ds/src/glutgraph.c:2147:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t atilen = strlen("GL_ATI_meminfo");
data/evolver-2.70+ds/src/glutgraph.c:2210:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ if ( strlen(datafilename) > 60 )
data/evolver-2.70+ds/src/glutgraph.c:2212:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
datafilename+strlen(datafilename)-60, glut_id);
data/evolver-2.70+ds/src/glutgraph.c:2216:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(wintitle+strlen(wintitle)," (task %d)",this_task);
data/evolver-2.70+ds/src/glutgraph.c:2278:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(opengl_version,(char*)glGetString(GL_VERSION),sizeof(opengl_version));
data/evolver-2.70+ds/src/grapher.c:228:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( legal != strlen(string) )
data/evolver-2.70+ds/src/graphgen.c:276:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(cmapname) == 0 )
data/evolver-2.70+ds/src/help.c:87:14: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
else sprintf(msg,"\n");
data/evolver-2.70+ds/src/help.c:207:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else dest = buff + strlen(buff);
data/evolver-2.70+ds/src/help.c:267:46: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if (kb_stricmp(spot,"sub") == 0 ) {strcat(buff,"_"); }
data/evolver-2.70+ds/src/help.c:268:46: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if (kb_stricmp(spot,"sup") == 0 ) {strcat(buff,"^"); }
data/evolver-2.70+ds/src/help.c:269:44: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if (kb_stricmp(spot,"p") == 0 ) {strcat(buff,"\n"); printbuff();}
data/evolver-2.70+ds/src/help.c:270:48: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if (kb_strnicmp(spot,"/h",2) == 0 ) {strcat(buff,"\n"); printbuff();}
data/evolver-2.70+ds/src/help.c:282:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ul_level--; strcat(buff,"\n"); printbuff();}
data/evolver-2.70+ds/src/help.c:283:46: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if (kb_stricmp(spot,"/ol") == 0 ) {strcat(buff,"\n"); printbuff();}
data/evolver-2.70+ds/src/help.c:284:46: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
else if (kb_stricmp(spot,"/dl") == 0 ) {strcat(buff,"\n"); printbuff();}
data/evolver-2.70+ds/src/help.c:286:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ strcat(buff,"\n");
data/evolver-2.70+ds/src/help.c:296:19: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ( pre_flag ) strcat(buff,"\n");
data/evolver-2.70+ds/src/help.c:370:27: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcpy(name+6,keyword); strcat(name,"\"");
data/evolver-2.70+ds/src/help.c:380:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line," ");
data/evolver-2.70+ds/src/help.c:391:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( relcount && (strlen(keyword) > 1) )
data/evolver-2.70+ds/src/help.c:419:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int keylen = (int)strlen(keyword);
data/evolver-2.70+ds/src/help.c:538:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( relcount && (strlen(keyword) > 1) )
data/evolver-2.70+ds/src/help.c:754:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"[%d]",ex->array_spec.sizes[k]);
data/evolver-2.70+ds/src/hessian.c:1184:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
baselength = strlen(hname);
data/evolver-2.70+ds/src/hessian3.c:626:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"Internal error: Insufficient storage in MD, K = %d\n",FLAG-9*N);
data/evolver-2.70+ds/src/hessian3.c:668:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = errmsg + strlen(errmsg);
data/evolver-2.70+ds/src/lexinit.c:630:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(length_method_name,yytext,sizeof(length_method_name)-1);
data/evolver-2.70+ds/src/lexinit.c:646:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(area_method_name,yytext,sizeof(area_method_name)-1);
data/evolver-2.70+ds/src/lexinit.c:659:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(area_method_name,yytext,sizeof(area_method_name)-1);
data/evolver-2.70+ds/src/lexinit.c:661:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(volume_method_name,yytext,sizeof(volume_method_name)-1);
data/evolver-2.70+ds/src/lexinit.c:781:14: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name,yytext,ATTR_NAME_SIZE);
data/evolver-2.70+ds/src/lexinit.c:1887:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ *(char**)dest = mycalloc(strlen(yytext)+1,sizeof(char));
data/evolver-2.70+ds/src/lexinit.c:2893:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(qname,yytext,sizeof(qname));
data/evolver-2.70+ds/src/lexinit.c:3513:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(qname,yytext,sizeof(qname));
data/evolver-2.70+ds/src/lexinit2.c:148:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(yytext) < 2 )
data/evolver-2.70+ds/src/lexinit2.c:172:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ p->value.string = mycalloc(strlen(yytext)+2,sizeof(char));
data/evolver-2.70+ds/src/lexinit2.c:200:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->value.file.value_file = mycalloc(strlen(yytext)+1,1);
data/evolver-2.70+ds/src/lexinit2.c:412:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(bdry->name,yytext,BDRYNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:504:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bdry->coordf[i]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:532:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bdry->envect[i]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:562:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bdry->convect[i]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:720:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(con->name,yytext,CONNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:800:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con->formula->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:824:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con->envect[i]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:853:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con->convect[i]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:915:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mname,yytext,sizeof(mname));
data/evolver-2.70+ds/src/lexinit2.c:1054:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mi->expr[0]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:1101:14: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mi->expr[i]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:1146:14: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mi->expr[i]->name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:1223:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(qname,yytext,sizeof(qname));
data/evolver-2.70+ds/src/lexinit2.c:1272:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(inst_name,qname,sizeof(qname));
data/evolver-2.70+ds/src/lexinit2.c:1273:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(inst_name+strlen(inst_name),"%d_",++namecount);
data/evolver-2.70+ds/src/lexinit2.c:1274:11: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(inst_name,yytext,sizeof(qname)-strlen(inst_name));
data/evolver-2.70+ds/src/lexinit2.c:1274:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(inst_name,yytext,sizeof(qname)-strlen(inst_name));
data/evolver-2.70+ds/src/lexinit2.c:1356:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(GEN_QUANT(gnum)->expr.name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:1935:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(phase_file_name,phasename,sizeof(phase_file_name));
data/evolver-2.70+ds/src/lexinit2.c:2246:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(gformula) > sizeof(formula)-20 )
data/evolver-2.70+ds/src/lexinit2.c:2250:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(formula,")");
data/evolver-2.70+ds/src/lexinit2.c:2266:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
{ if ( i > 1 ) strcat(formula,"+");
data/evolver-2.70+ds/src/lexinit2.c:2267:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( i==j ) sprintf(formula+strlen(formula),"X%d^2*(",i+SDIM);
data/evolver-2.70+ds/src/lexinit2.c:2268:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else sprintf(formula+strlen(formula),"2*X%d*X%d*(",i+SDIM,j+SDIM);
data/evolver-2.70+ds/src/lexinit2.c:2270:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(gformula) > sizeof(formula)-20 )
data/evolver-2.70+ds/src/lexinit2.c:2273:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(formula,")");
data/evolver-2.70+ds/src/lexinit2.c:2275:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(formula,")");
data/evolver-2.70+ds/src/lexinit2.c:2328:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(gformula) > sizeof(formula)-20 )
data/evolver-2.70+ds/src/lexinit2.c:2332:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(formula,")");
data/evolver-2.70+ds/src/lexinit2.c:2887:18: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
else sprintf(formula,"0");
data/evolver-2.70+ds/src/lexinit2.c:3380:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(GEN_QUANT(q)->expr.name,msg,EXPNAMESIZE-1);
data/evolver-2.70+ds/src/lexinit2.c:3494:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(yytext) < 2 )
data/evolver-2.70+ds/src/lexyy.c:1688:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/evolver-2.70+ds/src/lexyy.c:2151:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(yylval.lexeme,yytext,LEXEME_SIZE);
data/evolver-2.70+ds/src/lexyy.c:3135:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(commandfd);
data/evolver-2.70+ds/src/lexyy.c:3179:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(morebuff);
data/evolver-2.70+ds/src/lexyy.c:3260:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size -= (int)strlen(str)+3;
data/evolver-2.70+ds/src/lexyy.c:3266:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(str,errbuff+place+1,size);
data/evolver-2.70+ds/src/lexyy.c:3267:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( str[strlen(str)-1] != '\n' ) strcat(str,"\n");
data/evolver-2.70+ds/src/lexyy.c:3267:37: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ( str[strlen(str)-1] != '\n' ) strcat(str,"\n");
data/evolver-2.70+ds/src/lexyy.c:3361:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(macros[macro_count].name,yytext,MACRONAMESIZE);
data/evolver-2.70+ds/src/lexyy.c:3403:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(mspot);
data/evolver-2.70+ds/src/lexyy.c:3545:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(lexeme) == 1 )
data/evolver-2.70+ds/src/lexyy.c:3567:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(idname,lexeme,sizeof(idname)); /* save text */
data/evolver-2.70+ds/src/lexyy.c:3867:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(idname,lexeme,sizeof(idname)); /* save text */
data/evolver-2.70+ds/src/lexyy.c:3884:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(idname,lexeme,sizeof(idname)); /* save text */
data/evolver-2.70+ds/src/lexyy.c:3885:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(lexeme) == 1 )
data/evolver-2.70+ds/src/lexyy.c:3908:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name,command_keywords[k].name,81);
data/evolver-2.70+ds/src/lexyy.c:3914:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name,togglenames[k].name,81);
data/evolver-2.70+ds/src/lexyy.c:3920:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name,internal_variables[k].name,81);
data/evolver-2.70+ds/src/lexyy.c:3965:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(word) == 1 )
data/evolver-2.70+ds/src/lexyy.c:4078:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(idname,word,sizeof(idname)); /* save text */
data/evolver-2.70+ds/src/lexyy.c:4763:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(yylval.lexeme,yytext,LEXEME_SIZE);
data/evolver-2.70+ds/src/matrix.c:1485:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"%10.6f ",(DOUBLE)a[i][j]);
data/evolver-2.70+ds/src/matrix.c:1486:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/oglgraph.c:916:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(opengl_version,glGetString(GL_VERSION),sizeof(opengl_version));
data/evolver-2.70+ds/src/pixgraph.c:71:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( colorflag && ( strlen(cmapname) == 0 ) )
data/evolver-2.70+ds/src/popfilm.c:3825:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),
data/evolver-2.70+ds/src/psgraph.c:89:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(ps_file_name) == 0 )
data/evolver-2.70+ds/src/psgraph.c:93:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (strcmp(ps_file_name+strlen(ps_file_name)-3,".ps")!=0) &&
data/evolver-2.70+ds/src/psgraph.c:94:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strcmp(ps_file_name+strlen(ps_file_name)-4,".eps")!=0) )
data/evolver-2.70+ds/src/psgraph.c:418:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(tv) > 5 ) tv[5] = 0;
data/evolver-2.70+ds/src/psgraph.c:419:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(hv) > 5 ) hv[5] = 0;
data/evolver-2.70+ds/src/psgraph.c:420:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(en) > 5 ) en[5] = 0; /* max 5 chars in labels */
data/evolver-2.70+ds/src/psgraph.c:422:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (t->flag & LABEL_TAIL) && (strlen(tv) > 0) )
data/evolver-2.70+ds/src/psgraph.c:424:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)t->x[0][0],(DOUBLE)t->x[0][1],(int)strlen(tv));
data/evolver-2.70+ds/src/psgraph.c:425:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (t->flag & LABEL_HEAD) && (strlen(hv) > 0) )
data/evolver-2.70+ds/src/psgraph.c:427:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)t->x[1][0],(DOUBLE)t->x[1][1],(int)strlen(hv));
data/evolver-2.70+ds/src/psgraph.c:428:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (t->flag & LABEL_EDGE) && (strlen(en) > 0) )
data/evolver-2.70+ds/src/psgraph.c:432:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)(3*t->x[0][1]+2*t->x[1][1])/5,(int)strlen(en));
data/evolver-2.70+ds/src/psgraph.c:436:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)(2*t->x[0][1]+3*t->x[1][1])/5,(int)strlen(en));
data/evolver-2.70+ds/src/psgraph.c:462:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr+=strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:464:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr+=strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:466:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr+=strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:488:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr+=strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:494:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr+=strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:500:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ sprintf(ptr," %f ",(DOUBLE)gray); ptr += strlen(ptr); }
data/evolver-2.70+ds/src/psgraph.c:523:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(ptr,"\n "); ptr += strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:531:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:536:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/evolver-2.70+ds/src/psgraph.c:549:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(line+strlen(line)," %7.5f edge ",
data/evolver-2.70+ds/src/psgraph.c:560:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(line,"\n");
data/evolver-2.70+ds/src/psgraph.c:708:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(fn) > 0 )
data/evolver-2.70+ds/src/psgraph.c:712:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)(t->x[0][1]+t->x[1][1]+t->x[2][1])/3,(int)strlen(fn));
data/evolver-2.70+ds/src/psgraph.c:744:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(tv) > 5 ) tv[5] = 0;
data/evolver-2.70+ds/src/psgraph.c:745:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(hv) > 5 ) hv[5] = 0;
data/evolver-2.70+ds/src/psgraph.c:746:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(en) > 5 ) en[5] = 0; /* max 5 chars in labels */
data/evolver-2.70+ds/src/psgraph.c:748:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( tv && (strlen(tv) > 0) )
data/evolver-2.70+ds/src/psgraph.c:750:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)t->x[ii][1],(int)strlen(tv));
data/evolver-2.70+ds/src/psgraph.c:751:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( hv && (strlen(hv) > 0) )
data/evolver-2.70+ds/src/psgraph.c:753:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)t->x[jj][1],(int)strlen(hv));
data/evolver-2.70+ds/src/psgraph.c:756:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( en && (strlen(en) > 0) )
data/evolver-2.70+ds/src/psgraph.c:761:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)((1-a)*t->x[ii][1]+a*t->x[jj][1]),(int)strlen(en));
data/evolver-2.70+ds/src/psgraph.c:765:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DOUBLE)(a*t->x[ii][1]+(1-a)*t->x[jj][1]),(int)strlen(en));
data/evolver-2.70+ds/src/quantity.c:497:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(GEN_QUANT(q)->name,name,sizeof(GEN_QUANT(q)->name));
data/evolver-2.70+ds/src/quantity.c:611:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(inst_name) >= MNAMESIZE )
data/evolver-2.70+ds/src/quantity.c:615:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m->name,inst_name,sizeof(m->name));
data/evolver-2.70+ds/src/quantity.c:679:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(new_inst_name) >= MNAMESIZE )
data/evolver-2.70+ds/src/quantity.c:683:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m->name,new_inst_name,sizeof(m->name));
data/evolver-2.70+ds/src/quantity.c:726:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(inst_name,meth_name,25);
data/evolver-2.70+ds/src/query.c:45:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(text)+1;
data/evolver-2.70+ds/src/query.c:100:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(h) < strlen(text+1) ) continue; /* prevent compare overrun */
data/evolver-2.70+ds/src/query.c:100:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(h) < strlen(text+1) ) continue; /* prevent compare overrun */
data/evolver-2.70+ds/src/query.c:101:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(h,text+1,strlen(text+1)) == 0 )
data/evolver-2.70+ds/src/query.c:128:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fulltext+fulltextsize,stuff,MAXCMDSIZE-fulltextsize);
data/evolver-2.70+ds/src/query.c:129:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fulltextsize = strlen(fulltext);
data/evolver-2.70+ds/src/query.c:298:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"(source file %s, line %d)\n",
data/evolver-2.70+ds/src/query.c:341:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = (int)strlen(s);
data/evolver-2.70+ds/src/readline.c:37:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t=s+strlen(s)-1;
data/evolver-2.70+ds/src/readline.c:64:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(txt);
data/evolver-2.70+ds/src/readline.c:95:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(hist,env_HOME,PATHSIZE-1);
data/evolver-2.70+ds/src/readline.c:96:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(hist, "/" EVOLVERHISTDOTFILENAME ,PATHSIZE-1-strlen(env_HOME));
data/evolver-2.70+ds/src/readline.c:96:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(hist, "/" EVOLVERHISTDOTFILENAME ,PATHSIZE-1-strlen(env_HOME));
data/evolver-2.70+ds/src/readline.c:122:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s); strncpy(inmsg,s,max);
data/evolver-2.70+ds/src/readline.c:122:24: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
len=strlen(s); strncpy(inmsg,s,max);
data/evolver-2.70+ds/src/readline.c:135:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new=malloc(lastlinepos+strlen(s)+2);
data/evolver-2.70+ds/src/readline.c:140:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new,lastline,lastlinepos);
data/evolver-2.70+ds/src/readline.c:141:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(new+lastlinepos," ");
data/evolver-2.70+ds/src/readline.c:189:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(s); strncpy(inmsg,s,max);
data/evolver-2.70+ds/src/readline.c:189:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
len=strlen(s); strncpy(inmsg,s,max);
data/evolver-2.70+ds/src/sdrv.c:689:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(msg)," Forcing positive to %g.",(DOUBLE)dk);
data/evolver-2.70+ds/src/skeleton.c:1343:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message.name,name,MPI_NAME_SIZE);
data/evolver-2.70+ds/src/skeleton.c:1395:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ex->name,name,ATTR_NAME_SIZE);
data/evolver-2.70+ds/src/symtable.c:110:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(symtable[symtop].name,name,SYMNAMESIZE);
data/evolver-2.70+ds/src/symtable.c:164:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/evolver-2.70+ds/src/symtable.c:442:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(g->name,name,GLOBAL_NAME_SIZE);
data/evolver-2.70+ds/src/symtable.c:445:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(name) > GLOBAL_NAME_SIZE )
data/evolver-2.70+ds/src/symtable.c:544:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(perm_globals(slot)->name,name,GLOBAL_NAME_SIZE);
data/evolver-2.70+ds/src/symtable.c:547:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(name) > GLOBAL_NAME_SIZE )
data/evolver-2.70+ds/src/symtable.c:775:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(v->g.name,name,GLOBAL_NAME_SIZE);
data/evolver-2.70+ds/src/tmain.c:308:20: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdstring,argv[0]+2,sizeof(cmdstring));
data/evolver-2.70+ds/src/tmain.c:310:20: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(cmdstring,argv[1],sizeof(cmdstring));
data/evolver-2.70+ds/src/userfunc.c:207:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+2,libname,sizeof(path)-2);
data/evolver-2.70+ds/src/userfunc.c:213:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,env,len);
data/evolver-2.70+ds/src/userfunc.c:215:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+len+1,libname,sizeof(path)-len-2);
data/evolver-2.70+ds/src/userfunc.c:221:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(path,libname,sizeof(path));
data/evolver-2.70+ds/src/userfunc.c:228:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(errmsg+strlen(errmsg),dlerror(),sizeof(errmsg)-strlen(errmsg)-2);
data/evolver-2.70+ds/src/userfunc.c:228:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(errmsg+strlen(errmsg),dlerror(),sizeof(errmsg)-strlen(errmsg)-2);
data/evolver-2.70+ds/src/userfunc.c:228:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(errmsg+strlen(errmsg),dlerror(),sizeof(errmsg)-strlen(errmsg)-2);
data/evolver-2.70+ds/src/userfunc.c:233:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dll_list[k].name = mycalloc(1,strlen(libname)+4);
data/evolver-2.70+ds/src/userio.c:94:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(stream);
data/evolver-2.70+ds/src/userio.c:101:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(stream);
data/evolver-2.70+ds/src/userio.c:132:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (int)strlen(inmsg) == max-1 )
data/evolver-2.70+ds/src/userio.c:146:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = inmsg + strlen(inmsg) - 1;
data/evolver-2.70+ds/src/userio.c:171:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(gv_pipe[0],pickbuf,sizeof(pickbuf));
data/evolver-2.70+ds/src/userio.c:246:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"vertex %d ",pickvnum);
data/evolver-2.70+ds/src/userio.c:259:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"edge %d ",pickenum);
data/evolver-2.70+ds/src/userio.c:272:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"facet %d ",pickfnum);
data/evolver-2.70+ds/src/userio.c:274:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg,"\n");
data/evolver-2.70+ds/src/userio.c:408:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( (int)strlen(inmsg) == max-1 )
data/evolver-2.70+ds/src/userio.c:465:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = inmsg + strlen(inmsg) - 1;
data/evolver-2.70+ds/src/userio.c:487:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(result,path,PATHSIZE-1); result[PATHSIZE-1]=0;
data/evolver-2.70+ds/src/userio.c:492:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(slash,name,PATHSIZE-1-(slash-result));
data/evolver-2.70+ds/src/userio.c:530:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(datafile_stack[include_depth].filename,name,PATHSIZE-1);
data/evolver-2.70+ds/src/userio.c:589:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmdfile_stack[read_depth].filename,name,PATHSIZE-1);
data/evolver-2.70+ds/src/userio.c:611:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_names[file_no_used] = mycalloc(strlen(name)+4,1);
data/evolver-2.70+ds/src/userio.c:688:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ size_t needed = (warning_messages ? strlen(warning_messages):0) + strlen(message) + 10;
data/evolver-2.70+ds/src/userio.c:688:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ size_t needed = (warning_messages ? strlen(warning_messages):0) + strlen(message) + 10;
data/evolver-2.70+ds/src/userio.c:785:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"\nFATAL ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:786:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:788:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:788:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:795:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"\nERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:796:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:803:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullmsg,"\n");
data/evolver-2.70+ds/src/userio.c:819:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:821:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:821:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:827:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"file %s at line %d\n",
data/evolver-2.70+ds/src/userio.c:854:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"WARNING %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:855:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:856:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullmsg,"\n");
data/evolver-2.70+ds/src/userio.c:872:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"SYNTAX ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:873:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:874:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:874:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:895:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:913:15: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,c,size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:913:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(fullmsg,c,size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:918:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullmsg,"\n");
data/evolver-2.70+ds/src/userio.c:934:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:935:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:936:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:936:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:953:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullmsg,"\n");
data/evolver-2.70+ds/src/userio.c:982:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"SYNTAX ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:983:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:984:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:984:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:985:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullmsg,"\n");
data/evolver-2.70+ds/src/userio.c:1006:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(fullmsg+strlen(fullmsg),"DATAFILE ERROR %d: ",errnum);
data/evolver-2.70+ds/src/userio.c:1007:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fullmsg,emsg,size);
data/evolver-2.70+ds/src/userio.c:1008:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:1008:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_buff(fullmsg+strlen(fullmsg),size-strlen(fullmsg));
data/evolver-2.70+ds/src/userio.c:1009:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fullmsg,"\n");
data/evolver-2.70+ds/src/userio.c:1142:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if ( filename ) strncpy(logfilename,filename,sizeof(logfilename)-1);
data/evolver-2.70+ds/src/userio.c:1183:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
if ( filename ) strncpy(keylogfilename,filename,sizeof(keylogfilename)-1);
data/evolver-2.70+ds/src/utility.c:32:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ const size_t lengthof_EVOLVERPATH = strlen(environment_EVOLVERPATH);
data/evolver-2.70+ds/src/utility.c:58:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *dum = env_EVOLVERPATH + strlen(env_EVOLVERPATH) - 1;
data/evolver-2.70+ds/src/utility.c:479:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"Requested from %s line %d\n",file,line);
data/evolver-2.70+ds/src/utility.c:494:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr->file,file,sizeof(ptr->file)-1);
data/evolver-2.70+ds/src/utility.c:552:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(errmsg+strlen(errmsg),"File %s, line %d; original alloc %s:%d\n",
data/evolver-2.70+ds/src/utility.c:572:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(msg+strlen(msg),"Requested from %s line %d\n",file,line);
data/evolver-2.70+ds/src/utility.c:587:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(newhead->file,file,sizeof(newhead->file)-1);
data/evolver-2.70+ds/src/utility.c:640:5: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(memmsg,"\n");
data/evolver-2.70+ds/src/utility.c:3208:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,name,sizeof(path));
data/evolver-2.70+ds/src/utility.c:3225:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(slash,finddata.name,sizeof(path)-(slash-path));
data/evolver-2.70+ds/src/utility.c:3234:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,env,len);
data/evolver-2.70+ds/src/utility.c:3236:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+len+1,name,sizeof(path)-len-2);
data/evolver-2.70+ds/src/utility.c:3245:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,name,sizeof(path));
data/evolver-2.70+ds/src/utility.c:3262:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(slash,finddata.name,sizeof(path)-(slash-path));
data/evolver-2.70+ds/src/utility.c:3266:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path[strlen(path)-3] = 0;
data/evolver-2.70+ds/src/utility.c:3274:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,env,len);
data/evolver-2.70+ds/src/utility.c:3276:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+len+1,name,sizeof(path)-len-2);
data/evolver-2.70+ds/src/utility.c:3286:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,name,sizeof(path));
data/evolver-2.70+ds/src/utility.c:3296:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,globdata.gl_pathv[0],sizeof(path));
data/evolver-2.70+ds/src/utility.c:3305:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,env,len);
data/evolver-2.70+ds/src/utility.c:3307:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+len+1,name,sizeof(path)-len-2);
data/evolver-2.70+ds/src/utility.c:3316:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,name,sizeof(path));
data/evolver-2.70+ds/src/utility.c:3325:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,globdata.gl_pathv[0],sizeof(path));
data/evolver-2.70+ds/src/utility.c:3329:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path[strlen(path)-3] = 0;
data/evolver-2.70+ds/src/utility.c:3337:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,env,len);
data/evolver-2.70+ds/src/utility.c:3339:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+len+1,name,sizeof(path)-len-2);
data/evolver-2.70+ds/src/utility.c:3347:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,name,sizeof(path));
data/evolver-2.70+ds/src/utility.c:3353:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,env,len);
data/evolver-2.70+ds/src/utility.c:3355:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+len+1,name,sizeof(path)-len-2);
data/evolver-2.70+ds/src/utility.c:3364:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,name,sizeof(path));
data/evolver-2.70+ds/src/utility.c:3371:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path,env,len);
data/evolver-2.70+ds/src/utility.c:3373:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path+len+1,name,sizeof(path)-len-2);
data/evolver-2.70+ds/src/utility.c:3387:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
found = path + strlen(path) - 1;
data/evolver-2.70+ds/src/utility.c:3388:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
user = name + strlen(name) - 1;
data/evolver-2.70+ds/src/utility.c:3397:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(datafilename,found+1,PATHSIZE);
data/evolver-2.70+ds/src/wulff.c:64:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(web.wulff_name,wulffname,sizeof(web.wulff_name));
data/evolver-2.70+ds/src/yexparse.c:2643:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char*)mycalloc(strlen(symtable[left].name)+1,1);
data/evolver-2.70+ds/src/yexparse.c:2943:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char*)mycalloc(strlen(yytext)+1,sizeof(char));
data/evolver-2.70+ds/src/yexparse.c:3066:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char*)mycalloc(strlen(yytext)+1,sizeof(char));
data/evolver-2.70+ds/src/ytab.c:11252:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/evolver-2.70+ds/src/ytab.c:13890:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(globals((yyvsp[-4]).i)->attr.procstuff.proc_text,inputbuffer+(yyvsp[-4]).qnum,insize);
data/evolver-2.70+ds/src/ytab.c:13935:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(globals((yyvsp[-4]).i)->attr.procstuff.proc_text,inputbuffer+(yyvsp[-4]).qnum,insize);
data/evolver-2.70+ds/src/ytab.c:14575:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((yyval).lexeme,(yyvsp[-1]).lexeme,31);
data/evolver-2.70+ds/src/ytab.c:14586:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((yyval).lexeme,(yyvsp[-1]).lexeme,31);
data/evolver-2.70+ds/src/ytab.c:14597:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((yyval).lexeme,(yyvsp[0]).lexeme,31);
data/evolver-2.70+ds/src/ytab.c:14612:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((yyval).lexeme,(yyvsp[0]).lexeme,31);
data/evolver-2.70+ds/src/ytab.c:14686:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(globals((yyvsp[-2]).i)->attr.procstuff.proc_text,inputbuffer+(yyvsp[-2]).qnum,insize);
data/evolver-2.70+ds/src/ytab.c:14703:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(globals((yyvsp[-4]).i)->attr.procstuff.proc_text,inputbuffer+(yyvsp[-4]).qnum,insize);
data/evolver-2.70+ds/src/ytab.c:14731:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(perm_globals((yyvsp[-4]).i)->attr.procstuff.proc_text,inputbuffer+(yyvsp[-4]).qnum,insize);
data/evolver-2.70+ds/src/ytab.c:14761:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(globals((yyvsp[-3]).i)->attr.procstuff.proc_text,inputbuffer+(yyvsp[-1]).qnum,insize);
data/evolver-2.70+ds/src/ytab.c:14779:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(perm_globals((yyvsp[-3]).i)->attr.procstuff.proc_text,inputbuffer+(yyvsp[-1]).qnum,insize);
data/evolver-2.70+ds/src/ytab.c:15992:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char*)mycalloc(strlen(elsym->name)+1,1);
data/evolver-2.70+ds/src/ytab.c:16011:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char*)mycalloc(strlen(default_name)+1,1);
data/evolver-2.70+ds/src/ytab.c:16029:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char*)mycalloc(strlen(elsym->name)+1,1);
data/evolver-2.70+ds/src/ytab.c:16090:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ size_t size1 = strlen(list[(yyval).i].op1.string); /* qaxo */
data/evolver-2.70+ds/src/ytab.c:16091:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size2 = strlen(yytext);
data/evolver-2.70+ds/src/ytab.c:16095:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list[(yyval).i].op1.string+size1,yytext,size2);
data/evolver-2.70+ds/src/ytab.c:18816:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(modmsg,s,998);
data/evolver-2.70+ds/src/ytab.c:18817:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( modmsg[strlen(modmsg)-1] != '\n' )
data/evolver-2.70+ds/src/ytab.c:18818:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(modmsg,"\n");
ANALYSIS SUMMARY:
Hits = 4529
Lines analyzed = 191742 in approximately 6.23 seconds (30798 lines/second)
Physical Source Lines of Code (SLOC) = 150207
Hits@level = [0] 559 [1] 1188 [2] 1929 [3] 44 [4] 1368 [5] 0
Hits@level+ = [0+] 5088 [1+] 4529 [2+] 3341 [3+] 1412 [4+] 1368 [5+] 0
Hits/KSLOC@level+ = [0+] 33.8733 [1+] 30.1517 [2+] 22.2426 [3+] 9.40036 [4+] 9.10743 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.