Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fish-3.1.2/pcre2-10.32/src/dftables.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_auto_possess.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_config.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_context.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_convert.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_dfa_match.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_error.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_extuni.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_find_bracket.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_internal.h
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_intmodedep.h
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_jit_compile.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_jit_match.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_jit_misc.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_jit_test.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_maketables.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_match_data.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_newline.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_ord2utf.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_pattern_info.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_printint.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_serialize.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_string_utils.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_study.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_substitute.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_substring.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_tables.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_ucd.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_ucp.h
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_valid_utf.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2_xclass.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2demo.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2posix.c
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2posix.h
Examining data/fish-3.1.2/pcre2-10.32/src/pcre2test.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitConfig.h
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitConfigInternal.h
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitExecAllocator.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitLir.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitLir.h
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeARM_32.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeARM_64.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeARM_T2_32.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeMIPS_32.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeMIPS_64.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeMIPS_common.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativePPC_32.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativePPC_64.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativePPC_common.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeSPARC_32.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeSPARC_common.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeTILEGX-encoder.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeTILEGX_64.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeX86_32.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeX86_64.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeX86_common.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c
Examining data/fish-3.1.2/pcre2-10.32/src/sljit/sljitUtils.c
Examining data/fish-3.1.2/src/autoload.cpp
Examining data/fish-3.1.2/src/autoload.h
Examining data/fish-3.1.2/src/builtin.cpp
Examining data/fish-3.1.2/src/builtin.h
Examining data/fish-3.1.2/src/builtin_argparse.cpp
Examining data/fish-3.1.2/src/builtin_argparse.h
Examining data/fish-3.1.2/src/builtin_bg.cpp
Examining data/fish-3.1.2/src/builtin_bg.h
Examining data/fish-3.1.2/src/builtin_bind.cpp
Examining data/fish-3.1.2/src/builtin_bind.h
Examining data/fish-3.1.2/src/builtin_block.cpp
Examining data/fish-3.1.2/src/builtin_block.h
Examining data/fish-3.1.2/src/builtin_builtin.cpp
Examining data/fish-3.1.2/src/builtin_builtin.h
Examining data/fish-3.1.2/src/builtin_cd.cpp
Examining data/fish-3.1.2/src/builtin_cd.h
Examining data/fish-3.1.2/src/builtin_command.cpp
Examining data/fish-3.1.2/src/builtin_command.h
Examining data/fish-3.1.2/src/builtin_commandline.cpp
Examining data/fish-3.1.2/src/builtin_commandline.h
Examining data/fish-3.1.2/src/builtin_complete.cpp
Examining data/fish-3.1.2/src/builtin_complete.h
Examining data/fish-3.1.2/src/builtin_contains.cpp
Examining data/fish-3.1.2/src/builtin_contains.h
Examining data/fish-3.1.2/src/builtin_disown.cpp
Examining data/fish-3.1.2/src/builtin_disown.h
Examining data/fish-3.1.2/src/builtin_echo.cpp
Examining data/fish-3.1.2/src/builtin_echo.h
Examining data/fish-3.1.2/src/builtin_emit.cpp
Examining data/fish-3.1.2/src/builtin_emit.h
Examining data/fish-3.1.2/src/builtin_eval.cpp
Examining data/fish-3.1.2/src/builtin_eval.h
Examining data/fish-3.1.2/src/builtin_exit.cpp
Examining data/fish-3.1.2/src/builtin_exit.h
Examining data/fish-3.1.2/src/builtin_fg.cpp
Examining data/fish-3.1.2/src/builtin_fg.h
Examining data/fish-3.1.2/src/builtin_function.cpp
Examining data/fish-3.1.2/src/builtin_function.h
Examining data/fish-3.1.2/src/builtin_functions.cpp
Examining data/fish-3.1.2/src/builtin_functions.h
Examining data/fish-3.1.2/src/builtin_history.cpp
Examining data/fish-3.1.2/src/builtin_history.h
Examining data/fish-3.1.2/src/builtin_jobs.cpp
Examining data/fish-3.1.2/src/builtin_jobs.h
Examining data/fish-3.1.2/src/builtin_math.cpp
Examining data/fish-3.1.2/src/builtin_math.h
Examining data/fish-3.1.2/src/builtin_printf.cpp
Examining data/fish-3.1.2/src/builtin_printf.h
Examining data/fish-3.1.2/src/builtin_pwd.cpp
Examining data/fish-3.1.2/src/builtin_pwd.h
Examining data/fish-3.1.2/src/builtin_random.cpp
Examining data/fish-3.1.2/src/builtin_random.h
Examining data/fish-3.1.2/src/builtin_read.cpp
Examining data/fish-3.1.2/src/builtin_read.h
Examining data/fish-3.1.2/src/builtin_realpath.cpp
Examining data/fish-3.1.2/src/builtin_realpath.h
Examining data/fish-3.1.2/src/builtin_return.cpp
Examining data/fish-3.1.2/src/builtin_return.h
Examining data/fish-3.1.2/src/builtin_set.cpp
Examining data/fish-3.1.2/src/builtin_set.h
Examining data/fish-3.1.2/src/builtin_set_color.cpp
Examining data/fish-3.1.2/src/builtin_set_color.h
Examining data/fish-3.1.2/src/builtin_source.cpp
Examining data/fish-3.1.2/src/builtin_source.h
Examining data/fish-3.1.2/src/builtin_status.cpp
Examining data/fish-3.1.2/src/builtin_status.h
Examining data/fish-3.1.2/src/builtin_string.cpp
Examining data/fish-3.1.2/src/builtin_string.h
Examining data/fish-3.1.2/src/builtin_test.cpp
Examining data/fish-3.1.2/src/builtin_test.h
Examining data/fish-3.1.2/src/builtin_ulimit.cpp
Examining data/fish-3.1.2/src/builtin_ulimit.h
Examining data/fish-3.1.2/src/builtin_wait.cpp
Examining data/fish-3.1.2/src/builtin_wait.h
Examining data/fish-3.1.2/src/cancellable.h
Examining data/fish-3.1.2/src/color.cpp
Examining data/fish-3.1.2/src/color.h
Examining data/fish-3.1.2/src/common.cpp
Examining data/fish-3.1.2/src/common.h
Examining data/fish-3.1.2/src/complete.cpp
Examining data/fish-3.1.2/src/complete.h
Examining data/fish-3.1.2/src/enum_set.h
Examining data/fish-3.1.2/src/env.cpp
Examining data/fish-3.1.2/src/env.h
Examining data/fish-3.1.2/src/env_dispatch.cpp
Examining data/fish-3.1.2/src/env_dispatch.h
Examining data/fish-3.1.2/src/env_universal_common.cpp
Examining data/fish-3.1.2/src/env_universal_common.h
Examining data/fish-3.1.2/src/event.cpp
Examining data/fish-3.1.2/src/event.h
Examining data/fish-3.1.2/src/exec.cpp
Examining data/fish-3.1.2/src/exec.h
Examining data/fish-3.1.2/src/expand.cpp
Examining data/fish-3.1.2/src/expand.h
Examining data/fish-3.1.2/src/fallback.cpp
Examining data/fish-3.1.2/src/fallback.h
Examining data/fish-3.1.2/src/fish.cpp
Examining data/fish-3.1.2/src/fish_indent.cpp
Examining data/fish-3.1.2/src/fish_key_reader.cpp
Examining data/fish-3.1.2/src/fish_test_helper.cpp
Examining data/fish-3.1.2/src/fish_tests.cpp
Examining data/fish-3.1.2/src/fish_version.cpp
Examining data/fish-3.1.2/src/fish_version.h
Examining data/fish-3.1.2/src/flog.cpp
Examining data/fish-3.1.2/src/flog.h
Examining data/fish-3.1.2/src/function.cpp
Examining data/fish-3.1.2/src/function.h
Examining data/fish-3.1.2/src/future_feature_flags.cpp
Examining data/fish-3.1.2/src/future_feature_flags.h
Examining data/fish-3.1.2/src/global_safety.h
Examining data/fish-3.1.2/src/highlight.cpp
Examining data/fish-3.1.2/src/highlight.h
Examining data/fish-3.1.2/src/history.cpp
Examining data/fish-3.1.2/src/history.h
Examining data/fish-3.1.2/src/history_file.cpp
Examining data/fish-3.1.2/src/history_file.h
Examining data/fish-3.1.2/src/input.cpp
Examining data/fish-3.1.2/src/input.h
Examining data/fish-3.1.2/src/input_common.cpp
Examining data/fish-3.1.2/src/input_common.h
Examining data/fish-3.1.2/src/intern.cpp
Examining data/fish-3.1.2/src/intern.h
Examining data/fish-3.1.2/src/io.cpp
Examining data/fish-3.1.2/src/io.h
Examining data/fish-3.1.2/src/iothread.cpp
Examining data/fish-3.1.2/src/iothread.h
Examining data/fish-3.1.2/src/kill.cpp
Examining data/fish-3.1.2/src/kill.h
Examining data/fish-3.1.2/src/lru.h
Examining data/fish-3.1.2/src/maybe.h
Examining data/fish-3.1.2/src/null_terminated_array.cpp
Examining data/fish-3.1.2/src/null_terminated_array.h
Examining data/fish-3.1.2/src/operation_context.cpp
Examining data/fish-3.1.2/src/operation_context.h
Examining data/fish-3.1.2/src/output.cpp
Examining data/fish-3.1.2/src/output.h
Examining data/fish-3.1.2/src/pager.cpp
Examining data/fish-3.1.2/src/pager.h
Examining data/fish-3.1.2/src/parse_constants.h
Examining data/fish-3.1.2/src/parse_execution.cpp
Examining data/fish-3.1.2/src/parse_execution.h
Examining data/fish-3.1.2/src/parse_grammar.h
Examining data/fish-3.1.2/src/parse_productions.cpp
Examining data/fish-3.1.2/src/parse_productions.h
Examining data/fish-3.1.2/src/parse_tree.cpp
Examining data/fish-3.1.2/src/parse_tree.h
Examining data/fish-3.1.2/src/parse_util.cpp
Examining data/fish-3.1.2/src/parse_util.h
Examining data/fish-3.1.2/src/parser.cpp
Examining data/fish-3.1.2/src/parser.h
Examining data/fish-3.1.2/src/parser_keywords.cpp
Examining data/fish-3.1.2/src/parser_keywords.h
Examining data/fish-3.1.2/src/path.cpp
Examining data/fish-3.1.2/src/path.h
Examining data/fish-3.1.2/src/postfork.cpp
Examining data/fish-3.1.2/src/postfork.h
Examining data/fish-3.1.2/src/print_help.cpp
Examining data/fish-3.1.2/src/print_help.h
Examining data/fish-3.1.2/src/proc.cpp
Examining data/fish-3.1.2/src/proc.h
Examining data/fish-3.1.2/src/reader.cpp
Examining data/fish-3.1.2/src/reader.h
Examining data/fish-3.1.2/src/redirection.cpp
Examining data/fish-3.1.2/src/redirection.h
Examining data/fish-3.1.2/src/sanity.cpp
Examining data/fish-3.1.2/src/sanity.h
Examining data/fish-3.1.2/src/screen.cpp
Examining data/fish-3.1.2/src/screen.h
Examining data/fish-3.1.2/src/signal.cpp
Examining data/fish-3.1.2/src/signal.h
Examining data/fish-3.1.2/src/timer.cpp
Examining data/fish-3.1.2/src/timer.h
Examining data/fish-3.1.2/src/tinyexpr.cpp
Examining data/fish-3.1.2/src/tinyexpr.h
Examining data/fish-3.1.2/src/tnode.cpp
Examining data/fish-3.1.2/src/tnode.h
Examining data/fish-3.1.2/src/tokenizer.cpp
Examining data/fish-3.1.2/src/tokenizer.h
Examining data/fish-3.1.2/src/topic_monitor.cpp
Examining data/fish-3.1.2/src/topic_monitor.h
Examining data/fish-3.1.2/src/trace.cpp
Examining data/fish-3.1.2/src/trace.h
Examining data/fish-3.1.2/src/utf8.cpp
Examining data/fish-3.1.2/src/utf8.h
Examining data/fish-3.1.2/src/util.cpp
Examining data/fish-3.1.2/src/util.h
Examining data/fish-3.1.2/src/wcstringutil.cpp
Examining data/fish-3.1.2/src/wcstringutil.h
Examining data/fish-3.1.2/src/wgetopt.cpp
Examining data/fish-3.1.2/src/wgetopt.h
Examining data/fish-3.1.2/src/widecharwidth/widechar_width.h
Examining data/fish-3.1.2/src/wildcard.cpp
Examining data/fish-3.1.2/src/wildcard.h
Examining data/fish-3.1.2/src/wutil.cpp
Examining data/fish-3.1.2/src/wutil.h
FINAL RESULTS:
data/fish-3.1.2/src/common.cpp:2250:11: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
len = readlink("/proc/self/exe", buff, sizeof buff - 1); // Linux
data/fish-3.1.2/src/common.cpp:2252:15: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
len = readlink("/proc/curproc/file", buff, sizeof buff - 1); // other BSDs
data/fish-3.1.2/src/common.cpp:2254:19: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
len = readlink("/proc/self/path/a.out", buff, sizeof buff - 1); // Solaris
data/fish-3.1.2/pcre2-10.32/src/pcre2_internal.h:84:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/fish-3.1.2/pcre2-10.32/src/pcre2_internal.h:84:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:220:1: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(f, s, ap);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:104:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:104:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1131:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Usage: pcre2grep [OPTION]... [PATTERN] [FILE1 FILE2 ...]" STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1132:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Search for PATTERN in each FILE or standard input." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1133:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("PATTERN must be present if neither -e nor -f is used." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1136:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Callout scripts in patterns are supported." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1138:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Callout scripts are not supported in this pcre2grep." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1141:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("\"-\" can be used as a file name to mean STDIN." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1144:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Files whose names end in .gz are read using zlib." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1148:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Files whose names end in .bz2 are read using bzlib2." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1152:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Other files and the standard input are read as plain files." STDOUT_NL STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1154:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("All files are read as plain files, without any interpretation." STDOUT_NL STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1157:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Example: pcre2grep -i " QUOT "hello.*world" QUOT " menu.h main.c" STDOUT_NL STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1158:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Options:" STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1175:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("%.*s%s" STDOUT_NL, n, " ", op->help_text);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1178:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(STDOUT_NL "Numbers may be followed by K or M, e.g. --max-buffer-size=100K." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1179:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("The default value for --buffer-size is %d." STDOUT_NL, PCRE2GREP_BUFSIZE);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1180:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("The default value for --max-buffer-size is %d." STDOUT_NL, PCRE2GREP_MAX_BUFSIZE);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1181:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("When reading patterns or file names from a file, trailing white" STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1182:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("space is removed and blank lines are ignored." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1183:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("The maximum size of any pattern is %d bytes." STDOUT_NL, MAXPATLEN);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1185:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(STDOUT_NL "With no FILEs, read standard input. If fewer than two FILEs given, assume -h." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1186:1: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Exit status is 0 if any matches, 1 if no matches, and 2 if trouble." STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1957:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2282:9: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)execv(argsvector[0], argsvector);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2516:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(endptr, jfriedl_prefix); endptr += strlen(jfriedl_prefix);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2521:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(endptr, jfriedl_postfix); endptr += strlen(jfriedl_postfix);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2587:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "Binary file %s matches" STDOUT_NL, filename);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2596:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "%s" STDOUT_NL, printname);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2621:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "%d,%d" STDOUT_NL, (int)(ptr + offsets[0] - ptr),
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2627:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "%d,%d" STDOUT_NL,
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2638:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2665:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2748:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "--" STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2769:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "--" STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2999:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "%s" STDOUT_NL, printname);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3011:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "%lu" STDOUT_NL, count);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3157:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s%c%s", pathname, FILESEP, nextfile);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3372:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "pcre2grep version %s" STDOUT_NL, buffer);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4290:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, STDOUT_NL);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4300:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, "%lu" STDOUT_NL, total_count);
data/fish-3.1.2/pcre2-10.32/src/pcre2posix.c:66:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/fish-3.1.2/pcre2-10.32/src/pcre2posix.c:66:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2678:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outfile, "malloc %5" SIZ_FORM, SIZ_CAST size);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2708:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outfile, " %5" SIZ_FORM, SIZ_CAST malloclistlength[i]);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:5234:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)locale_name, (char *)pat_patctl.locale);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6176:32: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (test_mode == PCRE8_MODE) strcpy((char *)pbuffer8, (char *)nptr);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6257:32: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (test_mode == PCRE8_MODE) strcpy((char *)pbuffer8, (char *)nptr);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6369:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)dat_datctl.replacement, (char *)pat_patctl.replacement);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:7608:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outfile, " at offset %" SIZ_FORM, SIZ_CAST startchar);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:7910:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ucname, coptlist[i].name);
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitLir.c:1141:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(compiler->verbose, (op & SLJIT_I32_OP) ? "32" : "w");
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:115:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp_name, P_tmpdir);
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:131:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp_name, dir);
data/fish-3.1.2/src/builtin_fg.cpp:98:14: [4] (format) fwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
std::fwprintf(stderr, FG_MSG, job->job_id(), job->command_wcstr());
data/fish-3.1.2/src/builtin_history.cpp:70:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(err_text, sizeof(err_text) / sizeof(wchar_t),
data/fish-3.1.2/src/builtin_status.cpp:132:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(err_text, sizeof(err_text) / sizeof(wchar_t),
data/fish-3.1.2/src/common.cpp:225:13: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(
data/fish-3.1.2/src/common.cpp:231:13: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(text, sizeof(text) / sizeof(wchar_t), L"%-3d %s", i - skip_levels, symbols[i]);
data/fish-3.1.2/src/common.cpp:500:23: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
status = std::vswprintf(buff, size / sizeof(wchar_t), format, va);
data/fish-3.1.2/src/common.cpp:667:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(local_msg, sizeof local_msg, msg, va);
data/fish-3.1.2/src/common.cpp:856:13: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(buf, sizeof buf / sizeof buf[0], L"%%%02X", c2);
data/fish-3.1.2/src/common.cpp:915:13: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
swprintf(buf, sizeof buf / sizeof buf[0], L"_%02X", c2);
data/fish-3.1.2/src/common.h:157:30: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
[[gnu::noinline, gnu::format(printf, 2, 3)]] void debug_impl(int level, const char *msg, ...);
data/fish-3.1.2/src/env.cpp:1404:27: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (dir != nullptr && access(dir, mode) == 0 && check_runtime_path(dir) == 0) {
data/fish-3.1.2/src/fish_key_reader.cpp:103:18: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"%ls", ctrl_symbolic_names[wc]);
data/fish-3.1.2/src/fish_key_reader.cpp:105:18: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"\\c%c (or %ls)", wc + 0x40, ctrl_symbolic_names[wc]);
data/fish-3.1.2/src/fish_key_reader.cpp:108:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"\\c%c", wc + 0x40);
data/fish-3.1.2/src/fish_key_reader.cpp:114:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"\\x%X", wc);
data/fish-3.1.2/src/fish_key_reader.cpp:116:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"\\x%X (aka \"space\")", wc);
data/fish-3.1.2/src/fish_key_reader.cpp:122:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"\\x%X", wc);
data/fish-3.1.2/src/fish_key_reader.cpp:124:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"\\x%X (aka \"del\")", wc);
data/fish-3.1.2/src/fish_key_reader.cpp:130:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"\\%c", wc);
data/fish-3.1.2/src/fish_key_reader.cpp:132:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, buf_len, L"%c", wc);
data/fish-3.1.2/src/fish_key_reader.cpp:150:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, sizeof(buf) / sizeof(*buf), L"\\u%04X", wc);
data/fish-3.1.2/src/fish_key_reader.cpp:152:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(buf, sizeof(buf) / sizeof(*buf), L"\\U%06X", wc);
data/fish-3.1.2/src/fish_tests.cpp:120:10: [4] (format) vfwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
std::vfwprintf(stdout, fmt, va);
data/fish-3.1.2/src/fish_tests.cpp:134:10: [4] (format) vfwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
std::vfwprintf(stdout, blah, va);
data/fish-3.1.2/src/fish_tests.cpp:465:14: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(wbuf2, 128, L"%d", j);
data/fish-3.1.2/src/fish_tests.cpp:1741:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_expand_test/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:1742:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_expand_test/bb/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:1743:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_expand_test/baz/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:1744:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_expand_test/bax/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:1745:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_expand_test/lol/nub/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:1746:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_expand_test/aaa/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:1747:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_expand_test/aaa2/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:1748:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/.foo")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:1749:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/bb/x")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:1750:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/bar")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:1751:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/bax/xxx")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:1752:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/baz/xxx")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:1753:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/baz/yyy")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:1754:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/lol/nub/q")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:1755:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_expand_test/aaa2/x")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:2255:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/is_potential_path_test/alpha/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:2256:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/is_potential_path_test/beta/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:2259:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/is_potential_path_test/aardvark")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:2260:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/is_potential_path_test/gamma")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:2526:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int status = system(wcs2string(cmd).c_str());
data/fish-3.1.2/src/fish_tests.cpp:2651:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p 'test/complete_test'")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:2652:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch 'test/complete_test/has space'")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:2653:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch 'test/complete_test/bracket[abc]'")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:2654:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(R"(touch 'test/complete_test/gnarlybracket\[abc]')")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:2655:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch 'test/complete_test/testfile'")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:2656:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("chmod 700 'test/complete_test/testfile'")) err(L"chmod failed");
data/fish-3.1.2/src/fish_tests.cpp:2949:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p 'test/autosuggest_test/0foobar'")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:2950:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p 'test/autosuggest_test/1foo bar'")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:2951:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p 'test/autosuggest_test/2foo bar'")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:2952:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p 'test/autosuggest_test/3foo\\bar'")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:2953:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/autosuggest_test/4foo\\'bar")) {
data/fish-3.1.2/src/fish_tests.cpp:2956:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/autosuggest_test/5foo\\\"bar")) {
data/fish-3.1.2/src/fish_tests.cpp:2963:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/test-home/test_autosuggest_suggest_special/")) {
data/fish-3.1.2/src/fish_tests.cpp:2966:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/autosuggest_test/start/unique2/unique3/multi4")) {
data/fish-3.1.2/src/fish_tests.cpp:2969:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/autosuggest_test/start/unique2/unique3/multi42")) {
data/fish-3.1.2/src/fish_tests.cpp:2972:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/autosuggest_test/start/unique2/.hiddenDir/moreStuff")) {
data/fish-3.1.2/src/fish_tests.cpp:3041:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p '~hahaha/path1/path2/'")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:3206:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_uvars_test/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:3239:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system("rm -Rf test/fish_uvars_test/");
data/fish-3.1.2/src/fish_tests.cpp:3315:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_uvars_test/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:3360:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system("rm -Rf test/fish_uvars_test/");
data/fish-3.1.2/src/fish_tests.cpp:3387:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_uvars_test/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:3409:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system("rm -Rf test/fish_uvars_test/");
data/fish-3.1.2/src/fish_tests.cpp:3510:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_uvars_test/ && touch test/fish_uvars_test/varsfile.txt")) {
data/fish-3.1.2/src/fish_tests.cpp:3882:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(command)) {
data/fish-3.1.2/src/fish_tests.cpp:4392:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_highlight_test/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:4393:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_highlight_test/foo")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:4394:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("touch test/fish_highlight_test/bar")) err(L"touch failed");
data/fish-3.1.2/src/fish_tests.cpp:5121:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mkdir -p test/fish_env_snapshot_test/")) err(L"mkdir failed");
data/fish-3.1.2/src/fish_tests.cpp:5403:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
while (access("./tests/test.fish", F_OK) != 0) {
data/fish-3.1.2/src/flog.cpp:54:10: [4] (format) vfwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
std::vfwprintf(file_, fmt, va);
data/fish-3.1.2/src/flog.cpp:64:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int ret = vsnprintf(nullptr, 0, fmt, va);
data/fish-3.1.2/src/flog.cpp:75:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(buff.get(), len, fmt, va);
data/fish-3.1.2/src/path.cpp:44:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(narrow.c_str(), X_OK) != 0) {
data/fish-3.1.2/src/path.cpp:72:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(narrow.c_str(), X_OK) == 0) {
data/fish-3.1.2/src/postfork.cpp:358:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (interpreter && 0 != access(interpreter, X_OK)) {
data/fish-3.1.2/src/print_help.cpp:21:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (printed < CMD_LEN && system(cmd) == -1) {
data/fish-3.1.2/src/proc.cpp:72:35: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static const bool s_result = (access("/proc/self/stat", R_OK) == 0);
data/fish-3.1.2/src/proc.cpp:167:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "killpg(%d, %s)", pgid, strsignal(signal));
data/fish-3.1.2/src/proc.cpp:498:18: [4] (format) fwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
std::fwprintf(stdout, fmt, program_name, p->pid, p->argv0(), job_number_desc.c_str(),
data/fish-3.1.2/src/proc.cpp:649:10: [4] (format) swprintf:
Potential format string problem (CWE-134). Make format string constant.
std::swprintf(fn, FN_SIZE, L"/proc/%d/stat", p->pid);
data/fish-3.1.2/src/wutil.cpp:264:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access(tmp.c_str(), mode);
data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c:80:1: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)(data[size/2]));
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3995:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv("LC_ALL");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4001:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
locale = getenv("LC_CTYPE");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4038:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *cs = getenv("PCRE2GREP_COLOUR");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4039:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (cs == NULL) cs = getenv("PCRE2GREP_COLOR");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4040:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (cs == NULL) cs = getenv("PCREGREP_COLOUR");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4041:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (cs == NULL) cs = getenv("PCREGREP_COLOR");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4042:44: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (cs == NULL) cs = parse_grep_colors(getenv("GREP_COLORS"));
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4043:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (cs == NULL) cs = getenv("GREP_COLOR");
data/fish-3.1.2/src/builtin_random.cpp:143:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
} else if (random < 0) {
data/fish-3.1.2/src/common.cpp:186:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("FISH_NO_WSL_CHECK") == nullptr) {
data/fish-3.1.2/src/common.cpp:2271:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env_tmpdir = getenv("TMPDIR");
data/fish-3.1.2/src/common.cpp:2304:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *TERM = getenv("TERM");
data/fish-3.1.2/src/env.cpp:301:33: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (const char *shlvl_var = getenv("SHLVL")) {
data/fish-3.1.2/src/env.cpp:352:37: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *incoming_pwd_cstr = getenv("PWD");
data/fish-3.1.2/src/env.cpp:1399:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *dir = getenv("XDG_RUNTIME_DIR");
data/fish-3.1.2/src/fish.cpp:128:16: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if ((ptr = realpath(path.c_str(), buff))) {
data/fish-3.1.2/src/fish.cpp:285:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, short_opts, long_opts, nullptr)) != -1) {
data/fish-3.1.2/src/fish_indent.cpp:525:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, short_opts, long_opts, nullptr)) != -1) {
data/fish-3.1.2/src/fish_key_reader.cpp:356:29: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (!error && (opt = getopt_long(argc, argv, short_opts, long_opts, nullptr)) != -1) {
data/fish-3.1.2/src/fish_tests.cpp:383:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
while (random() % ESCAPE_TEST_LENGTH) {
data/fish-3.1.2/src/fish_tests.cpp:384:38: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random_string.push_back((random() % ESCAPE_TEST_CHAR) + 1);
data/fish-3.1.2/src/fish_tests.cpp:501:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
while (random() % ESCAPE_TEST_LENGTH) {
data/fish-3.1.2/src/fish_tests.cpp:502:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
c = random();
data/fish-3.1.2/src/fish_tests.cpp:3530:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
size_t max = 1 + random() % 32;
data/fish-3.1.2/src/fish_tests.cpp:3532:25: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
wchar_t c = 1 + random() % ESCAPE_TEST_CHAR;
data/fish-3.1.2/src/fish_tests.cpp:3619:24: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
size_t count = random() % 6;
data/fish-3.1.2/src/fish_tests.cpp:5419:5: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned int)time(NULL));
data/fish-3.1.2/src/wutil.cpp:407:24: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
char *narrow_res = realpath(narrow_path.c_str(), tmpbuf);
data/fish-3.1.2/src/wutil.cpp:425:30: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
narrow_res = realpath(".", tmpbuf);
data/fish-3.1.2/src/wutil.cpp:429:30: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
narrow_res = realpath(narrow_path.substr(0, pathsep_idx).c_str(), tmpbuf);
data/fish-3.1.2/pcre2-10.32/src/dftables.c:88:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[i], "wb");
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:1121:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newcode, code, code->blocksize);
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:1156:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newcode, code, code->blocksize);
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:1166:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtables, code->tables, tables_length);
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:4233:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspace, cb->named_groups,
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:5330:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pbits, cbits + posix_class_maps[posix_class],
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:5668:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:5691:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:5775:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, mcbuffer, CU2BYTES(mclength));
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:6492:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mcbuffer, lastchar, CU2BYTES(mclength)); /* Save the char */
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:6596:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, CU2BYTES(1 + LINK_SIZE));
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:6768:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, CU2BYTES(len));
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:6826:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, CU2BYTES(len));
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:7045:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, mcbuffer, CU2BYTES(mclength));
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:7082:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, mcbuffer, CU2BYTES(mclength));
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:7428:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, mcbuffer, CU2BYTES(mclength));
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:8336:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(slot + IMM2_SIZE, name, CU2BYTES(length));
data/fish-3.1.2/pcre2-10.32/src/pcre2_context.c:233:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new, gcontext, sizeof(pcre2_real_general_context));
data/fish-3.1.2/pcre2-10.32/src/pcre2_context.c:245:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new, ccontext, sizeof(pcre2_real_compile_context));
data/fish-3.1.2/pcre2-10.32/src/pcre2_context.c:257:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new, mcontext, sizeof(pcre2_real_match_context));
data/fish-3.1.2/pcre2-10.32/src/pcre2_context.c:270:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new, ccontext, sizeof(pcre2_real_convert_context));
data/fish-3.1.2/pcre2-10.32/src/pcre2_convert.c:219:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, posix - clength, CU2BYTES(clength));
data/fish-3.1.2/pcre2-10.32/src/pcre2_convert.c:246:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, posix, CU2BYTES(6));
data/fish-3.1.2/pcre2-10.32/src/pcre2_convert.c:347:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, posix - clength, CU2BYTES(clength));
data/fish-3.1.2/pcre2-10.32/src/pcre2_dfa_match.c:653:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_states, active_states, (size_t)new_count * sizeof(stateblock));
data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c:211:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c:248:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c:265:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c:318:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, argv[i]+1, readsize);
data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c:327:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[i], "rb");
data/fish-3.1.2/pcre2-10.32/src/pcre2_internal.h:186:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d,s,n) _memcpy(d,s,n)
data/fish-3.1.2/pcre2-10.32/src/pcre2_intmodedep.h:836:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char check_heapframe_size[
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:646:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new, mb->match_frames, mb->frame_vector_size);
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:693:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)N + offsetof(heapframe, eptr),
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:850:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ovector + 2, Fovector, (i - 2) * sizeof(PCRE2_SIZE));
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:5135:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Fovector,
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:5326:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Fovector,
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:5479:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)P + offsetof(heapframe, ovector), Fovector,
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:5545:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)F + offsetof(heapframe, ovector), P->ovector,
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:5571:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)P + offsetof(heapframe, eptr),
data/fish-3.1.2/pcre2-10.32/src/pcre2_serialize.c:113:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bytes, memctl, sizeof(pcre2_memctl));
data/fish-3.1.2/pcre2-10.32/src/pcre2_serialize.c:124:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst_bytes, tables, tables_length);
data/fish-3.1.2/pcre2-10.32/src/pcre2_serialize.c:130:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(dst_bytes, (char *)re, re->blocksize);
data/fish-3.1.2/pcre2-10.32/src/pcre2_serialize.c:195:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tables, src_bytes, tables_length);
data/fish-3.1.2/pcre2-10.32/src/pcre2_serialize.c:208:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&blocksize, src_bytes + offsetof(pcre2_real_code, blocksize),
data/fish-3.1.2/pcre2-10.32/src/pcre2_serialize.c:230:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((uint8_t *)dst_re) + sizeof(pcre2_memctl),
data/fish-3.1.2/pcre2-10.32/src/pcre2_string_utils.c:66:1: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(s, d, n);
data/fish-3.1.2/pcre2-10.32/src/pcre2_substitute.c:209:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + buff_offset, from, CU2BYTES(length)); \
data/fish-3.1.2/pcre2-10.32/src/pcre2_substring.c:129:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, match_data->subject + match_data->ovector[stringnumber*2],
data/fish-3.1.2/pcre2-10.32/src/pcre2_substring.c:221:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(yield, match_data->subject + match_data->ovector[stringnumber*2],
data/fish-3.1.2/pcre2-10.32/src/pcre2_substring.c:422:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (size != 0) memcpy(sp, match_data->subject + ovector[i], CU2BYTES(size));
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:346:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *incexname[4] = { "--include", "--exclude",
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:485:1: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(s, d, n);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:541:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char seq[16];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:578:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val_buf[4];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:581:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(val_buf, "%d", rc);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:721:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int code = atoi(cs);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:932:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pattern, filename, len);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:936:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(pattern[len]), "\\*", 3);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1163:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1169:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (op->one_char > 0) sprintf(s, "-%c,", op->one_char);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1170:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(s, " ");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2254:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(argsptr, subject + ovector[capture_id], capturesize);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2465:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buffer, main_buffer, bufsize);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3092:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
zos_test_file = fopen(pathname,"rb");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[FNBUFSIZ];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3171:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3187:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.512s%.128s", pathname, nextfile);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3263:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(pathname, "rb");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3370:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[128];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3396:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[14];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3398:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%d", n);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3404:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1: strcpy(p, "st"); break;
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3405:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2: strcpy(p, "nd"); break;
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3406:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3: strcpy(p, "rd"); break;
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3407:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
default: strcpy(p, "th"); break;
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3525:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXPATLEN+20];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3534:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "r");
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3709:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[24];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3710:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff2[24];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4243:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[FNBUFSIZ];
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4247:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen(fn->name, "rb");
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1005:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,8),G(b,8),sizeof(pcre2_convert_context_8)); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1007:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,16),G(b,16),sizeof(pcre2_convert_context_16)); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1008:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(G(a,32),G(b,32),sizeof(pcre2_convert_context_32))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1012:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,8),(char *)b,c); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1014:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,16),(char *)b,(c)*2); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1016:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,32),(char *)b,(c)*4)
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1020:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,8),G(b,8),sizeof(pcre2_match_context_8)); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1022:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,16),G(b,16),sizeof(pcre2_match_context_16)); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1023:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(G(a,32),G(b,32),sizeof(pcre2_match_context_32))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1030:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,8),G(b,8),sizeof(pcre2_compile_context_8)); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1032:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,16),G(b,16),sizeof(pcre2_compile_context_16)); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1033:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(G(a,32),G(b,32),sizeof(pcre2_compile_context_32))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1543:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITONE),G(b,BITONE),sizeof(G(pcre2_convert_context_,BITONE))); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1545:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITTWO),G(b,BITTWO),sizeof(G(pcre2_convert_context_,BITTWO)))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1549:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITONE),(char *)b,(c)*BYTEONE) : \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1550:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITTWO),(char *)b,(c)*BYTETWO)
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1554:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITONE),G(b,BITONE),sizeof(G(pcre2_match_context_,BITONE))); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1556:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITTWO),G(b,BITTWO),sizeof(G(pcre2_match_context_,BITTWO)))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1563:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITONE),G(b,BITONE),sizeof(G(pcre2_compile_context_,BITONE))); \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1565:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(G(a,BITTWO),G(b,BITTWO),sizeof(G(pcre2_compile_context_,BITTWO)))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1960:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define CONCTXCPY(a,b) memcpy(G(a,8),G(b,8),sizeof(pcre2_convert_context_8))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1961:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define CONVERT_COPY(a,b,c) memcpy(G(a,8),(char *)b, c)
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1962:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define DATCTXCPY(a,b) memcpy(G(a,8),G(b,8),sizeof(pcre2_match_context_8))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1964:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define PATCTXCPY(a,b) memcpy(G(a,8),G(b,8),sizeof(pcre2_compile_context_8))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2064:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define CONCTXCPY(a,b) memcpy(G(a,16),G(b,16),sizeof(pcre2_convert_context_16))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2065:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define CONVERT_COPY(a,b,c) memcpy(G(a,16),(char *)b, (c)*2)
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2066:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define DATCTXCPY(a,b) memcpy(G(a,16),G(b,16),sizeof(pcre2_match_context_16))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2068:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define PATCTXCPY(a,b) memcpy(G(a,16),G(b,16),sizeof(pcre2_compile_context_16))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2168:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define CONCTXCPY(a,b) memcpy(G(a,32),G(b,32),sizeof(pcre2_convert_context_32))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2169:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define CONVERT_COPY(a,b,c) memcpy(G(a,32),(char *)b, (c)*4)
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2170:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define DATCTXCPY(a,b) memcpy(G(a,32),G(b,32),sizeof(pcre2_match_context_32))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2172:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define PATCTXCPY(a,b) memcpy(G(a,32),G(b,32),sizeof(pcre2_compile_context_32))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2612:1: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(s, d, n);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2844:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuffer[16];
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2867:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else n = sprintf(tempbuffer, "\\x{%02x}", c);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3285:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buffer, buffer, pbuffer8_size);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3286:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pbuffer8, pbuffer8, pbuffer8_size);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3349:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(here, s, len);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3452:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int c = strncmp((char *)p, modlist[mid].name, (len < mlen)? len : mlen);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3897:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nn, pp, len);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3912:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(field, pp, len);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:4683:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*fptr = fopen((const char *)filename, mode);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:4976:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pat_patctl, &def_patctl, sizeof(patctl));
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:5199:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt, pc, length);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:5352:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pbuffer8 + bsize, "DEADBEEF", 8);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6366:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dat_datctl, &def_datctl, sizeof(datctl));
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6495:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(CAST8VAR(q), start_rep, replen);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:7909:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ucname[16];
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:8575:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile = fopen(argv[op], INPUT_MODE);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:8590:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile = fopen(argv[op+1], OUTPUT_MODE);
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitConfigInternal.h:214:38: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define SLJIT_MEMCPY(dest, src, len) memcpy(dest, src, len)
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeTILEGX-encoder.c:648:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char operands[TILEGX_NUM_PIPELINE_ENCODINGS][TILEGX_MAX_OPERANDS];
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeTILEGX-encoder.c:10072:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char opbuf[TILEGX_BUNDLE_SIZE_IN_BYTES];
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitNativeTILEGX-encoder.c:10076:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)opbuf, (void *)memaddr, TILEGX_BUNDLE_SIZE_IN_BYTES);
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_name[256];
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:119:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp_name, "/tmp");
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:123:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp_name, "/tmp");
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:144:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(tmp_name, O_TMPFILE | O_EXCL | O_RDWR | O_NOATIME | O_CLOEXEC, S_IRUSR | S_IWUSR);
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:154:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp_name + tmp_name_len, "/XXXXXX");
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitUtils.c:172:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dev_zero = open("/dev/zero", O_RDWR);
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitUtils.c:187:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dev_zero = open("/dev/zero", O_RDWR);
data/fish-3.1.2/src/builtin.cpp:238:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[COUNT_CHUNK_SIZE];
data/fish-3.1.2/src/builtin_history.cpp:67:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t err_text[1024];
data/fish-3.1.2/src/builtin_read.cpp:260:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[READ_CHUNK_SIZE];
data/fish-3.1.2/src/builtin_status.cpp:129:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t err_text[1024];
data/fish-3.1.2/src/builtin_string.cpp:88:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[STRING_CHUNK_SIZE];
data/fish-3.1.2/src/builtin_string.cpp:678:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buf[128];
data/fish-3.1.2/src/color.cpp:94:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char convert_color(const unsigned char rgb[3], const uint32_t *colors,
data/fish-3.1.2/src/color.cpp:94:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char convert_color(const unsigned char rgb[3], const uint32_t *colors,
data/fish-3.1.2/src/color.cpp:154:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rgb[3];
data/fish-3.1.2/src/color.cpp:227:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char term16_color_for_rgb(const unsigned char rgb[3]) {
data/fish-3.1.2/src/color.cpp:227:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char term16_color_for_rgb(const unsigned char rgb[3]) {
data/fish-3.1.2/src/color.cpp:249:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char term256_color_for_rgb(const unsigned char rgb[3]) {
data/fish-3.1.2/src/color.cpp:249:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char term256_color_for_rgb(const unsigned char rgb[3]) {
data/fish-3.1.2/src/color.h:12:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rgb[3];
data/fish-3.1.2/src/common.cpp:213:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t text[1024];
data/fish-3.1.2/src/common.cpp:351:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_buff[512];
data/fish-3.1.2/src/common.cpp:381:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char converted[MB_LEN_MAX];
data/fish-3.1.2/src/common.cpp:453:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char converted[MB_LEN_MAX];
data/fish-3.1.2/src/common.cpp:478:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t static_buff[256];
data/fish-3.1.2/src/common.cpp:664:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_msg[512];
data/fish-3.1.2/src/common.cpp:743:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_long_safe(char buff[64], long val) {
data/fish-3.1.2/src/common.cpp:753:23: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_long_safe(wchar_t buff[64], long val) {
data/fish-3.1.2/src/common.cpp:763:25: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_ullong_safe(wchar_t buff[64], unsigned long long val) {
data/fish-3.1.2/src/common.cpp:767:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void narrow_string_safe(char buff[64], const wchar_t *s) {
data/fish-3.1.2/src/common.cpp:855:13: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buf[4];
data/fish-3.1.2/src/common.cpp:914:13: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buf[4];
data/fish-3.1.2/src/common.cpp:2036:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_size_safe(char buff[128], unsigned long long sz) {
data/fish-3.1.2/src/common.cpp:2059:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[3] = {'.', extract_most_significant_digit(&remainder), 0};
data/fish-3.1.2/src/common.cpp:2187:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/null", O_WRONLY);
data/fish-3.1.2/src/common.cpp:2227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[PATH_MAX];
data/fish-3.1.2/src/common.cpp:2276:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char osx_tmpdir[PATH_MAX];
data/fish-3.1.2/src/common.h:407:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_size_safe(char buff[128], unsigned long long sz);
data/fish-3.1.2/src/common.h:420:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_long_safe(char buff[64], long val);
data/fish-3.1.2/src/common.h:421:23: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_long_safe(wchar_t buff[64], long val);
data/fish-3.1.2/src/common.h:422:25: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void format_ullong_safe(wchar_t buff[64], unsigned long long val);
data/fish-3.1.2/src/common.h:425:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void narrow_string_safe(char buff[64], const wchar_t *s);
data/fish-3.1.2/src/env.cpp:192:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/fish-3.1.2/src/env.cpp:322:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/fish-3.1.2/src/env_dispatch.cpp:435:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/fish-3.1.2/src/env_universal_common.cpp:796:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/fish-3.1.2/src/env_universal_common.cpp:827:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char versionbuf[64 + 1];
data/fish-3.1.2/src/env_universal_common.cpp:967:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool get_mac_address(unsigned char macaddr[MAC_ADDRESS_MAX_LEN],
data/fish-3.1.2/src/env_universal_common.cpp:976:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(macaddr, r.ifr_hwaddr.sa_data, MAC_ADDRESS_MAX_LEN);
data/fish-3.1.2/src/env_universal_common.cpp:990:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool get_mac_address(unsigned char macaddr[MAC_ADDRESS_MAX_LEN],
data/fish-3.1.2/src/env_universal_common.cpp:1008:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(macaddr, sdl.sdl_data + sdl.sdl_nlen, alen);
data/fish-3.1.2/src/env_universal_common.cpp:1020:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool get_mac_address(unsigned char macaddr[MAC_ADDRESS_MAX_LEN]) { return false; }
data/fish-3.1.2/src/env_universal_common.cpp:1030:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[256] = {};
data/fish-3.1.2/src/env_universal_common.cpp:1043:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_addr[MAC_ADDRESS_MAX_LEN] = {};
data/fish-3.1.2/src/env_universal_common.cpp:1077:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[NAME_MAX];
data/fish-3.1.2/src/env_universal_common.cpp:1212:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_name[256];
data/fish-3.1.2/src/env_universal_common.cpp:1257:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[64];
data/fish-3.1.2/src/env_universal_common.cpp:1409:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[64];
data/fish-3.1.2/src/exec.cpp:80:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(command, O_RDONLY);
data/fish-3.1.2/src/exec.cpp:123:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(actual_cmd, O_RDONLY);
data/fish-3.1.2/src/exec.cpp:125:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char begin[1] = {0};
data/fish-3.1.2/src/exec.cpp:134:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv2[128];
data/fish-3.1.2/src/expand.cpp:732:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/fish-3.1.2/src/fallback.cpp:67:21: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
int result_fd = mkstemp(name_template);
data/fish-3.1.2/src/fallback.cpp:85:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(out, in, sizeof(wchar_t) * (len + 1));
data/fish-3.1.2/src/fish.cpp:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[PATH_MAX], *ptr;
data/fish-3.1.2/src/fish.cpp:417:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dummy_argv[2] = {"fish", nullptr};
data/fish-3.1.2/src/fish.cpp:428:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_output = fopen(opts.debug_output.c_str(), "w");
data/fish-3.1.2/src/fish.cpp:497:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(file, O_RDONLY);
data/fish-3.1.2/src/fish_indent.cpp:150:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t prevc_str[4] = {prevc, 0, 0, 0};
data/fish-3.1.2/src/fish_indent.cpp:151:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t nextc_str[4] = {nextc, 0, 0, 0};
data/fish-3.1.2/src/fish_indent.cpp:344:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[128];
data/fish-3.1.2/src/fish_indent.cpp:614:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(argv[i], "r");
data/fish-3.1.2/src/fish_indent.cpp:648:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(output_location, "w");
data/fish-3.1.2/src/fish_key_reader.cpp:51:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char recent_chars[4] = {0};
data/fish-3.1.2/src/fish_key_reader.cpp:139:12: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t buf[64];
data/fish-3.1.2/src/fish_key_reader.cpp:276:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&old_sigactions[signo], &old_sa, sizeof(old_sa));
data/fish-3.1.2/src/fish_tests.cpp:158:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[PATH_MAX] = {};
data/fish-3.1.2/src/fish_tests.cpp:452:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[128];
data/fish-3.1.2/src/fish_tests.cpp:458:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[128], buff2[128];
data/fish-3.1.2/src/fish_tests.cpp:460:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff2, "%d", j);
data/fish-3.1.2/src/fish_tests.cpp:463:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wbuf1[128], wbuf2[128];
data/fish-3.1.2/src/fish_tests.cpp:470:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[128], buff2[128];
data/fish-3.1.2/src/fish_tests.cpp:472:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff2, "%ld", q);
data/fish-3.1.2/src/fish_tests.cpp:481:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "0x%02X ", (int)*input & 0xFF);
data/fish-3.1.2/src/fish_tests.cpp:2292:26: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t **argv = new wchar_t *[count + 3];
data/fish-3.1.2/src/fish_tests.cpp:3880:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[512];
data/fish-3.1.2/src/fish_tests.cpp:3957:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen("tests/history_sample_bash", "r");
data/fish-3.1.2/src/fish_tests.cpp:4756:15: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const wchar_t *argv[15];
data/fish-3.1.2/src/fish_tests.cpp:5075:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ltime_str[3];
data/fish-3.1.2/src/fish_tests.cpp:5404:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wd[PATH_MAX + 1] = {};
data/fish-3.1.2/src/history.cpp:993:13: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t timestamp_string[max_tstamp_length + 1];
data/fish-3.1.2/src/history.cpp:1078:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/fish-3.1.2/src/history.cpp:1136:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[128];
data/fish-3.1.2/src/input_common.cpp:109:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char arr[1];
data/fish-3.1.2/src/io.cpp:122:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[4096];
data/fish-3.1.2/src/iothread.cpp:293:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[256];
data/fish-3.1.2/src/maybe.h:12:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
alignas(T) char storage[sizeof(T)];
data/fish-3.1.2/src/output.cpp:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[16] = "";
data/fish-3.1.2/src/output.cpp:123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[128];
data/fish-3.1.2/src/output.cpp:376:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[MB_LEN_MAX + 1];
data/fish-3.1.2/src/output.cpp:418:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buffer, static_buffer[256];
data/fish-3.1.2/src/parser.cpp:311:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(path, "w");
data/fish-3.1.2/src/postfork.cpp:70:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_buff[128];
data/fish-3.1.2/src/postfork.cpp:71:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char job_id_buff[128];
data/fish-3.1.2/src/postfork.cpp:72:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char getpgid_buff[128];
data/fish-3.1.2/src/postfork.cpp:73:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char job_pgid_buff[128];
data/fish-3.1.2/src/postfork.cpp:74:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argv0[64];
data/fish-3.1.2/src/postfork.cpp:75:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[64];
data/fish-3.1.2/src/postfork.cpp:306:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sz1[128], sz2[128];
data/fish-3.1.2/src/postfork.cpp:356:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char interpreter_buff[128] = {}, *interpreter;
data/fish-3.1.2/src/print_help.cpp:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CMD_LEN];
data/fish-3.1.2/src/proc.cpp:166:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/fish-3.1.2/src/proc.cpp:640:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t fn[FN_SIZE];
data/fish-3.1.2/src/proc.cpp:647:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[1024];
data/fish-3.1.2/src/reader.cpp:967:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&tty_modes_for_external_cmds, &terminal_mode_on_startup,
data/fish-3.1.2/src/reader.cpp:973:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&shell_modes, &terminal_mode_on_startup, sizeof shell_modes);
data/fish-3.1.2/src/reader.cpp:1662:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[L_ctermid];
data/fish-3.1.2/src/reader.cpp:1673:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int tty_fd = open(tty, O_RDONLY | O_NONBLOCK);
data/fish-3.1.2/src/reader.cpp:3501:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[4096];
data/fish-3.1.2/src/tinyexpr.cpp:117:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(ret->parameters, parameters, psize);
data/fish-3.1.2/src/utf8.cpp:313:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char oc[4];
data/fish-3.1.2/src/wcstringutil.h:43:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buff[64];
data/fish-3.1.2/src/wcstringutil.h:49:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buff[64];
data/fish-3.1.2/src/wutil.cpp:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[PATH_MAX];
data/fish-3.1.2/src/wutil.cpp:207:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(cstring.c_str(), flags | O_CLOEXEC, mode);
data/fish-3.1.2/src/wutil.cpp:209:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(cstring.c_str(), flags, mode);
data/fish-3.1.2/src/wutil.cpp:212:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(cstring.c_str(), flags, mode);
data/fish-3.1.2/src/wutil.cpp:223:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(tmp.c_str(), flags, mode);
data/fish-3.1.2/src/wutil.cpp:362:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buff[384]; // use a shared buffer for this case
data/fish-3.1.2/src/wutil.cpp:363:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errnum_buff[64];
data/fish-3.1.2/src/wutil.cpp:379:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[384];
data/fish-3.1.2/src/wutil.cpp:406:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[PATH_MAX];
data/fish-3.1.2/src/wutil.cpp:770:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char narrow[128];
data/fish-3.1.2/pcre2-10.32/src/pcre2_compile.c:9206:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
patlen = PRIV(strlen)(pattern);
data/fish-3.1.2/pcre2-10.32/src/pcre2_config.c:157:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(v) : PRIV(strcpy_c8)((PCRE2_UCHAR *)where, v)));
data/fish-3.1.2/pcre2-10.32/src/pcre2_config.c:202:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(v) : PRIV(strcpy_c8)((PCRE2_UCHAR *)where, v)));
data/fish-3.1.2/pcre2-10.32/src/pcre2_config.c:239:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(v) : PRIV(strcpy_c8)((PCRE2_UCHAR *)where, v)));
data/fish-3.1.2/pcre2-10.32/src/pcre2_convert.c:1078:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (plength == PCRE2_ZERO_TERMINATED) plength = PRIV(strlen)(pattern);
data/fish-3.1.2/pcre2-10.32/src/pcre2_dfa_match.c:3268:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (length == PCRE2_ZERO_TERMINATED) length = PRIV(strlen)(subject);
data/fish-3.1.2/pcre2-10.32/src/pcre2_fuzzsupport.c:309:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
readsize = strlen(argv[i]) - 1;
data/fish-3.1.2/pcre2-10.32/src/pcre2_internal.h:183:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen(s) _strlen(s)
data/fish-3.1.2/pcre2-10.32/src/pcre2_jit_test.c:1335:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return_value8[1] = pcre2_match_8(re8, (PCRE2_SPTR8)current->input, strlen(current->input),
data/fish-3.1.2/pcre2-10.32/src/pcre2_jit_test.c:1342:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return_value8[0] = pcre2_match_8(re8, (PCRE2_SPTR8)current->input, strlen(current->input),
data/fish-3.1.2/pcre2-10.32/src/pcre2_jit_test.c:1346:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return_value8[0] = pcre2_jit_match_8(re8, (PCRE2_SPTR8)current->input, strlen(current->input),
data/fish-3.1.2/pcre2-10.32/src/pcre2_match.c:6046:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (length == PCRE2_ZERO_TERMINATED) length = PRIV(strlen)(subject);
data/fish-3.1.2/pcre2-10.32/src/pcre2_string_utils.c:209:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PRIV(strlen)(PCRE2_SPTR str)
data/fish-3.1.2/pcre2-10.32/src/pcre2_substitute.c:269:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (length == PCRE2_ZERO_TERMINATED) length = PRIV(strlen)(subject);
data/fish-3.1.2/pcre2-10.32/src/pcre2_substitute.c:270:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rlength == PCRE2_ZERO_TERMINATED) rlength = PRIV(strlen)(replacement);
data/fish-3.1.2/pcre2-10.32/src/pcre2demo.c:129:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subject_length = strlen((char *)subject);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:582:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sym_val.dsc$w_length = strlen(val_buf);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:924:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1209:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int plen = strlen((const char *)path);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1270:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen = (equals == NULL)? (int)strlen(op->long_name) :
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:1349:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = fgetc(f)) != EOF)
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2508:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long newlen = length * jfriedl_XT + strlen(jfriedl_prefix) + strlen(jfriedl_postfix);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2508:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long newlen = length * jfriedl_XT + strlen(jfriedl_prefix) + strlen(jfriedl_postfix);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2516:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(endptr, jfriedl_prefix); endptr += strlen(jfriedl_prefix);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2518:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(endptr, orig, length);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:2521:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(endptr, jfriedl_postfix); endptr += strlen(jfriedl_postfix);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3150:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int fnlength = strlen(pathname) + strlen(nextfile) + 2;
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3150:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int fnlength = strlen(pathname) + strlen(nextfile) + 2;
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3222:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = (int)(strlen(pathname));
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3691:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(arg) : (int)(argequals - arg);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3716:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(arg) : (int)(argequals - arg);
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:3894:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(pd->lastptr) = add_pattern(option_data, (PCRE2_SIZE)strlen(option_data),
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4046:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strspn(cs, ";0123456789") == strlen(cs)) colour_string = cs;
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4157:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
patterns = patterns_last = add_pattern(argv[i], (PCRE2_SIZE)strlen(argv[i]),
data/fish-3.1.2/pcre2-10.32/src/pcre2grep.c:4258:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *end = buffer + (int)strlen(buffer);
data/fish-3.1.2/pcre2-10.32/src/pcre2posix.c:332:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eo = (int)strlen(string);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:975:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen8(x) strlen((char *)x)
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1471:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define STRLEN(p) ((test_mode == PCRE8_MODE)? ((int)strlen((char *)p)) : \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1925:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
G(strlen,BITONE)((G(PCRE2_SPTR,BITONE))p) : \
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:1926:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
G(strlen,BITTWO)((G(PCRE2_SPTR,BITTWO))p))
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:2051:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define STRLEN(p) (int)strlen((char *)p)
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3346:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3365:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlen = strlen((char *)here);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3451:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int mlen = strlen(modlist[mid].name);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3657:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(c1modlist[i].fullname));
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3836:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len == strlen(newlines[i]) &&
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:3890:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (*nn != 0) nn += strlen(nn) + 1;
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:4728:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdlen = strlen(cmdname);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:4785:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nlen = strlen(newlines[i]);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:4887:42: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (i = 0; i < 4; i++) serial_size |= fgetc(f) << (i*8);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:5215:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)pbuffer8, (char *)(buffer+1), patlen + 1);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6169:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int namelen = strlen((const char *)nptr);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6250:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int namelen = strlen((const char *)nptr);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:6383:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((const char *)buffer);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:7039:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (utf) badutf = valid_utf(pr, strlen((const char *)pr), &erroroffset);
data/fish-3.1.2/pcre2-10.32/src/pcre2test.c:8063:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t k = 27 - strlen(m->name);
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:112:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (P_tmpdir != NULL) ? strlen(P_tmpdir) : 0;
data/fish-3.1.2/pcre2-10.32/src/sljit/sljitProtExecAllocator.c:129:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(dir);
data/fish-3.1.2/src/builtin.cpp:183:21: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
opt += std::wcslen(opt) - 1;
data/fish-3.1.2/src/builtin_commandline.cpp:59:28: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out_pos = std::wcslen(insert) + (begin - buff);
data/fish-3.1.2/src/builtin_commandline.cpp:72:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out_pos += std::wcslen(insert);
data/fish-3.1.2/src/builtin_commandline.cpp:241:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current_cursor_pos = std::wcslen(w.woptarg);
data/fish-3.1.2/src/builtin_commandline.cpp:371:71: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::max(0L, std::min(new_pos, static_cast<long>(std::wcslen(current_buffer))));
data/fish-3.1.2/src/builtin_commandline.cpp:399:32: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = begin + std::wcslen(begin);
data/fish-3.1.2/src/builtin_complete.cpp:288:27: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (condition && std::wcslen(condition)) {
data/fish-3.1.2/src/builtin_complete.cpp:303:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (comp && std::wcslen(comp)) {
data/fish-3.1.2/src/builtin_read.cpp:221:41: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
reader_set_buffer(commandline, std::wcslen(commandline));
data/fish-3.1.2/src/common.cpp:336:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcstring str2wcstring(const char *in) { return str2wcs_internal(in, std::strlen(in)); }
data/fish-3.1.2/src/common.cpp:372:60: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *wcs2str(const wchar_t *in) { return wcs2str(in, std::wcslen(in)); }
data/fish-3.1.2/src/common.cpp:586:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t res = read(fd, static_cast<char *>(buf) + bytes_read, count);
data/fish-3.1.2/src/common.cpp:622:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fd, buff, count);
data/fish-3.1.2/src/common.cpp:693:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (end == nullptr) end = cursor + std::strlen(cursor);
data/fish-3.1.2/src/common.cpp:702:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ignore_result(write(STDERR_FILENO, format, std::strlen(format)));
data/fish-3.1.2/src/common.cpp:1164:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
escape_string_script(in, std::wcslen(in), result, flags);
data/fish-3.1.2/src/common.cpp:1699:60: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
success = unescape_string_internal(input, std::wcslen(input), output, escape_special);
data/fish-3.1.2/src/common.cpp:2043:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buff, "empty", buff_size);
data/fish-3.1.2/src/common.cpp:2303:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto len = strlen("/dev/tty");
data/fish-3.1.2/src/common.h:214:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ignore_result(read(0, &exit_read_buff, 1)); \
data/fish-3.1.2/src/env.cpp:400:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/fish-3.1.2/src/env.cpp:605:12: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return mismatch;
data/fish-3.1.2/src/env.cpp:693:22: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mode_t res = umask(guess);
data/fish-3.1.2/src/env.cpp:694:27: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if (res != guess) umask(res);
data/fish-3.1.2/src/env_dispatch.cpp:425:71: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!recognized) recognized = !std::wcsncmp(term, L"xterm-", std::wcslen(L"xterm-"));
data/fish-3.1.2/src/env_dispatch.cpp:426:72: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!recognized) recognized = !std::wcsncmp(term, L"screen-", std::wcslen(L"screen-"));
data/fish-3.1.2/src/env_dispatch.cpp:427:70: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!recognized) recognized = !std::wcsncmp(term, L"tmux-", std::wcslen(L"tmux-"));
data/fish-3.1.2/src/env_universal_common.cpp:128:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = std::strlen(cmd);
data/fish-3.1.2/src/env_universal_common.cpp:129:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!std::equal(cmd, cmd + len, cursor)) {
data/fish-3.1.2/src/env_universal_common.cpp:828:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(line.c_str(), "# VERSION: %64s", versionbuf) != 1) continue;
data/fish-3.1.2/src/env_universal_common.cpp:973:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)r.ifr_name, interface, sizeof r.ifr_name - 1);
data/fish-3.1.2/src/env_universal_common.cpp:1260:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
amt_read = read(notify_fd, buff, sizeof buff);
data/fish-3.1.2/src/env_universal_common.cpp:1312:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ignore_result(read(this->pipe_fd, buff, read_amt));
data/fish-3.1.2/src/env_universal_common.cpp:1411:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ignore_result(read(this->pipe_fd, buff, amt_to_read));
data/fish-3.1.2/src/exec.cpp:85:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t amt = read(fd, &ch, sizeof ch);
data/fish-3.1.2/src/exec.cpp:126:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t amt_read = read(fd, begin, 1);
data/fish-3.1.2/src/exec.cpp:875:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (pipes.read.valid()) {
data/fish-3.1.2/src/exec.cpp:877:89: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::make_shared<io_pipe_t>(STDIN_FILENO, true /* input */, std::move(pipes.read));
data/fish-3.1.2/src/exec.cpp:882:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (const autoclose_fd_t *afd : {&deferred_pipes.read, &deferred_pipes.write}) {
data/fish-3.1.2/src/exec.cpp:1090:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pipe_next_read = std::move(pipes->read);
data/fish-3.1.2/src/expand.cpp:1165:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = std::strlen(str);
data/fish-3.1.2/src/fallback.cpp:79:23: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = std::wcslen(in);
data/fish-3.1.2/src/fish.cpp:119:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pathlen = path.size(), suffixlen = std::strlen(suffix);
data/fish-3.1.2/src/fish.cpp:174:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_path.resize(base_path.size() - std::strlen(suffix));
data/fish-3.1.2/src/fish.cpp:342:72: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_width = std::max(name_width, static_cast<int>(wcslen(cat->name)));
data/fish-3.1.2/src/fish_indent.cpp:66:30: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = fgetc(f); // for printing the warning, and seeks forward 1 byte.
data/fish-3.1.2/src/fish_test_helper.cpp:17:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000 / 4); //.25 secs
data/fish-3.1.2/src/fish_test_helper.cpp:32:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000 / 2);
data/fish-3.1.2/src/fish_test_helper.cpp:39:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000 / 4); //.25 secs
data/fish-3.1.2/src/fish_test_helper.cpp:53:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000 / 2); //.5 secs
data/fish-3.1.2/src/fish_tests.cpp:95:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!std::strncmp(func_name, s_arguments[i], std::strlen(s_arguments[i]))) {
data/fish-3.1.2/src/fish_tests.cpp:478:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *output = (char *)malloc(5 * std::strlen(input) + 1);
data/fish-3.1.2/src/fish_tests.cpp:522:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__LINE__, i, std::strlen(o), o2, std::strlen(n), n2);
data/fish-3.1.2/src/fish_tests.cpp:522:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__LINE__, i, std::strlen(o), o2, std::strlen(n), n2);
data/fish-3.1.2/src/fish_tests.cpp:1033:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(delay * 1E6);
data/fish-3.1.2/src/fish_tests.cpp:1185:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (begin != a || end != begin + std::wcslen(begin)) {
data/fish-3.1.2/src/fish_tests.cpp:1189:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (begin != a || end != begin + std::wcslen(begin)) {
data/fish-3.1.2/src/fish_tests.cpp:1193:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (begin != a || end != begin + std::wcslen(begin)) {
data/fish-3.1.2/src/fish_tests.cpp:1197:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (begin != a || end != begin + std::wcslen(begin)) {
data/fish-3.1.2/src/fish_tests.cpp:1202:27: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (begin != a + std::wcslen(L"echo (")) {
data/fish-3.1.2/src/fish_tests.cpp:1207:27: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (begin != a + std::wcslen(L"echo (echo (")) {
data/fish-3.1.2/src/fish_tests.cpp:1513:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (escape_code_length(L"\x1B[38;5;123mABC") != std::strlen("\x1B[38;5;123m"))
data/fish-3.1.2/src/fish_tests.cpp:1923:75: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = reader_expand_abbreviation_in_command(L"gc somebranch", std::wcslen(L"gc"), vars);
data/fish-3.1.2/src/fish_tests.cpp:1929:75: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = reader_expand_abbreviation_in_command(L"gx somebranch", std::wcslen(L"gc"), vars);
data/fish-3.1.2/src/fish_tests.cpp:1935:57: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::wcslen(L"echo hi ; g"), vars);
data/fish-3.1.2/src/fish_tests.cpp:1941:46: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
L"echo (echo (echo (echo (gc ", std::wcslen(L"echo (echo (echo (echo (gc"), vars);
data/fish-3.1.2/src/fish_tests.cpp:1947:67: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = reader_expand_abbreviation_in_command(L"if gc", std::wcslen(L"if gc"), vars);
data/fish-3.1.2/src/fish_tests.cpp:1953:67: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = reader_expand_abbreviation_in_command(L"of gc", std::wcslen(L"of gc"), vars);
data/fish-3.1.2/src/fish_tests.cpp:1957:72: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = reader_expand_abbreviation_in_command(L"command gc", std::wcslen(L"command gc"), vars);
data/fish-3.1.2/src/fish_tests.cpp:3391:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(contents, std::strlen(contents), 1, fp);
data/fish-3.1.2/src/fish_tests.cpp:3439:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(40000);
data/fish-3.1.2/src/fish_tests.cpp:3490:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000 / 10); // corresponds to NAMED_PIPE_FLASH_DURATION_USEC
data/fish-3.1.2/src/fish_tests.cpp:3658:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/fish-3.1.2/src/fish_tests.cpp:4293:40: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const wchar_t *end = format + std::wcslen(format);
data/fish-3.1.2/src/function.cpp:130:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (dir.read(name)) {
data/fish-3.1.2/src/highlight.cpp:543:34: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::fill_n(colors, std::wcslen(PROCESS_EXPAND_SELF_STR), highlight_role_t::operat);
data/fish-3.1.2/src/history.cpp:1080:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((size = read(src_fd.fd(), buf, BUFSIZ)) > 0) {
data/fish-3.1.2/src/history_file.cpp:34:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t amt = read(fd, ptr, remaining);
data/fish-3.1.2/src/history_file.cpp:64:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t needle_len = std::strlen(needle), replacement_len = std::strlen(replacement);
data/fish-3.1.2/src/history_file.cpp:64:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t needle_len = std::strlen(needle), replacement_len = std::strlen(replacement);
data/fish-3.1.2/src/history_file.cpp:374:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t double_cmd_len = std::strlen(double_cmd);
data/fish-3.1.2/src/history_file.cpp:378:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_start += std::strlen("- cmd: ");
data/fish-3.1.2/src/history_file.cpp:384:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t cmd_when_len = std::strlen(cmd_when);
data/fish-3.1.2/src/io.cpp:123:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(fd, buff, sizeof buff);
data/fish-3.1.2/src/io.cpp:189:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (make_fd_nonblocking(pipes->read.fd())) {
data/fish-3.1.2/src/io.cpp:196:58: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buffer->begin_background_fillthread(std::move(pipes->read));
data/fish-3.1.2/src/io.cpp:334:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!read.valid()) return none();
data/fish-3.1.2/src/io.cpp:339:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return autoclose_pipes_t(std::move(read), std::move(write));
data/fish-3.1.2/src/io.h:381:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
autoclose_fd_t read;
data/fish-3.1.2/src/io.h:388:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
: read(std::move(r)), write(std::move(w)) {}
data/fish-3.1.2/src/io.h:419:52: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
void append(const wchar_t *s) { append(s, std::wcslen(s)); }
data/fish-3.1.2/src/iothread.cpp:147:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/fish-3.1.2/src/iothread.cpp:286:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int iothread_port() { return get_notify_pipes().read; }
data/fish-3.1.2/src/iothread.cpp:294:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read(port, buff, sizeof buff) > 0) {
data/fish-3.1.2/src/output.cpp:484:45: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
color_name = wcstring(next, wcslen(prefix));
data/fish-3.1.2/src/output.h:72:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
void writestr(const char *str) { writestr(str, std::strlen(str)); }
data/fish-3.1.2/src/pager.cpp:852:26: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t result = std::wcslen(SEARCH_FIELD_PROMPT) + this->search_field_line.position;
data/fish-3.1.2/src/parse_util.cpp:170:63: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*end = paran_count ? const_cast<wchar_t *>(in) + std::wcslen(in) : paran_end;
data/fish-3.1.2/src/parse_util.cpp:245:33: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t bufflen = std::wcslen(buff);
data/fish-3.1.2/src/parse_util.cpp:369:27: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t bufflen = std::wcslen(buff);
data/fish-3.1.2/src/postfork.cpp:313:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz += std::strlen(*p) + 1;
data/fish-3.1.2/src/postfork.cpp:317:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz += std::strlen(*p) + 1;
data/fish-3.1.2/src/print_help.cpp:22:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write_loop(2, HELP_ERR, std::strlen(HELP_ERR));
data/fish-3.1.2/src/proc.cpp:391:41: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t ellipsis_length = std::wcslen(ellipsis_str); // no need for wcwidth
data/fish-3.1.2/src/proc.cpp:654:17: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int count = fscanf(f,
data/fish-3.1.2/src/reader.cpp:581:47: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const wchar_t *end = begin + std::wcslen(begin);
data/fish-3.1.2/src/reader.cpp:1680:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(tty_fd, &tmp, 1) < 0 && errno == EIO) {
data/fish-3.1.2/src/screen.cpp:112:36: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
screen_name_end + std::wcslen(screen_name_end_sentinel);
data/fish-3.1.2/src/screen.cpp:513:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
abs(x_steps) * std::strlen(str) > std::strlen(multi_str);
data/fish-3.1.2/src/screen.cpp:513:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
abs(x_steps) * std::strlen(str) > std::strlen(multi_str);
data/fish-3.1.2/src/timer.cpp:188:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wall_time, unit_short_name(wall_unit), strlen(unit_short_name(wall_unit)) - 1,
data/fish-3.1.2/src/timer.cpp:189:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
"fish", strlen(unit_short_name(fish_unit)) - 1, "external", usr_time,
data/fish-3.1.2/src/tokenizer.cpp:206:62: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->token_cursor + wcslen(this->token_cursor));
data/fish-3.1.2/src/tokenizer.cpp:233:44: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->token_cursor += std::wcslen(this->token_cursor);
data/fish-3.1.2/src/topic_monitor.cpp:53:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
DIE_ON_FAILURE(make_fd_nonblocking(pipes_.read.fd()));
data/fish-3.1.2/src/topic_monitor.cpp:146:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fd = pipes_.read.fd();
data/fish-3.1.2/src/topic_monitor.cpp:157:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto unused = read(fd, ignored, sizeof ignored);
data/fish-3.1.2/src/wcstringutil.cpp:47:47: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return input.substr(0, max_len - std::wcslen(ellipsis_str)).append(ellipsis_str);
data/fish-3.1.2/src/wcstringutil.cpp:120:31: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t suffix_size = std::wcslen(proposed_suffix);
data/fish-3.1.2/src/wgetopt.cpp:275:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += std::wcslen(nextchar);
data/fish-3.1.2/src/wgetopt.cpp:286:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += std::wcslen(nextchar);
data/fish-3.1.2/src/wgetopt.cpp:292:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += std::wcslen(nextchar);
data/fish-3.1.2/src/wgetopt.cpp:313:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
static_cast<unsigned int>(wcslen(p->name))) {
data/fish-3.1.2/src/wgetopt.cpp:350:26: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += std::wcslen(nextchar);
data/fish-3.1.2/src/wildcard.cpp:88:40: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return wildcard_has_impl(str, std::wcslen(str), internal);
data/fish-3.1.2/src/wildcard.cpp:241:42: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(!full_replacement || std::wcslen(wc) <= std::wcslen(str));
data/fish-3.1.2/src/wildcard.cpp:241:61: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(!full_replacement || std::wcslen(wc) <= std::wcslen(str));
data/fish-3.1.2/src/wildcard.cpp:242:79: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcstring out_completion = full_replacement ? params.orig : str + std::wcslen(wc);
data/fish-3.1.2/src/wildcard.cpp:825:32: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t wc_len = std::wcslen(wc);
data/fish-3.1.2/src/wutil.cpp:250:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool dir_t::read(wcstring &name) { return wreaddir(this->dir, name); }
data/fish-3.1.2/src/wutil.cpp:334:10: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
std::strncat(buffer, s, buffsize - std::strlen(buffer) - 1);
data/fish-3.1.2/src/wutil.cpp:334:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::strncat(buffer, s, buffsize - std::strlen(buffer) - 1);
data/fish-3.1.2/src/wutil.cpp:389:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ignore_result(write(STDERR_FILENO, buff, std::strlen(buff)));
data/fish-3.1.2/src/wutil.cpp:620:72: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int fish_wcswidth(const wchar_t *str) { return fish_wcswidth(str, std::wcslen(str)); }
data/fish-3.1.2/src/wutil.cpp:771:23: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = std::wcslen(str);
data/fish-3.1.2/src/wutil.h:181:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(wcstring &name);
ANALYSIS SUMMARY:
Hits = 643
Lines analyzed = 174145 in approximately 7.86 seconds (22169 lines/second)
Physical Source Lines of Code (SLOC) = 127331
Hits@level = [0] 1090 [1] 194 [2] 271 [3] 31 [4] 144 [5] 3
Hits@level+ = [0+] 1733 [1+] 643 [2+] 449 [3+] 178 [4+] 147 [5+] 3
Hits/KSLOC@level+ = [0+] 13.6102 [1+] 5.04983 [2+] 3.52624 [3+] 1.39793 [4+] 1.15447 [5+] 0.0235606
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.